[jboss-jira] [JBoss JIRA] (HIBERNATE-145) Issue in HQL to SQL Conversion for Order By Clause
Steve Ebersole (JIRA)
issues at jboss.org
Thu Nov 19 10:06:00 EST 2015
[ https://issues.jboss.org/browse/HIBERNATE-145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Ebersole closed HIBERNATE-145.
------------------------------------
Resolution: Rejected
> Issue in HQL to SQL Conversion for Order By Clause
> --------------------------------------------------
>
> Key: HIBERNATE-145
> URL: https://issues.jboss.org/browse/HIBERNATE-145
> Project: Hibernate Integration
> Issue Type: Bug
> Reporter: Hitesh Saliya
> Assignee: Steve Ebersole
> Priority: Minor
>
> Created HQL Query with string : " select * from tableName where id=1 order by id desc 'any content' ".
> Its executing with no error.
> Generated SQL : " select * from tableName where id=1 order by id desc "
> Here, for hql with order by clause, anything written after order by inside '...' is removed.
> Is this behavior is for sql injection threat or its a bug in translation engine?
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list