[hibernate-issues] [Hibernate-JIRA] Created: (HHH-6688) ParameterParser.parse(...) has a parsing bug involving "call" substring
silly things (JIRA)
noreply at atlassian.com
Wed Sep 28 17:39:30 EDT 2011
ParameterParser.parse(...) has a parsing bug involving "call" substring
-----------------------------------------------------------------------
Key: HHH-6688
URL: http://opensource.atlassian.com/projects/hibernate/browse/HHH-6688
Project: Hibernate Core
Issue Type: Bug
Components: core
Affects Versions: 3.3.1
Environment: windows and linux.
Reporter: silly things
The following line of code does not account for the possibility that a column name in the sqlString can contain the substring "call". As a result hasMainOutputParameter will get set to the wrong value.
ParameterParser.java
public static void parse(String sqlString, Recognizer recognizer) throws QueryException {
boolean hasMainOutputParameter = sqlString.indexOf( "call" ) > 0 &&
sqlString.indexOf( "?" ) < sqlString.indexOf( "call" ) &&
sqlString.indexOf( "=" ) < sqlString.indexOf( "call" );
For example:
create table test (id varchar(255), call_center varchar(255));
sql = "insert test set id=?, call_center=?;"
SQLQuery query = session.createSQLQuery(sql);
query.setParameter(0, "blab");
query.setParameter(1, "california");
At this point, the second setParameter call will exception out. This is because the createSQLQuery() calls ParameterParser which wrongly parse any sql that contains "call" in the substring. Actually, if you think about the following, the edge case that is not being handled is pretty obvious.
boolean hasMainOutputParameter = sqlString.indexOf( "call" ) > 0 &&
sqlString.indexOf( "?" ) < sqlString.indexOf( "call" ) &&
sqlString.indexOf( "=" ) < sqlString.indexOf( "call" );
I am using 3.3.1 but I suspect this is affecting all current release.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the hibernate-issues
mailing list