Update sqlite-jdbc to 3.41.2.2 to address CVE-2023-32697

[MaxKsyunz]

CVE is here.

This CVE does not affect deployments of sql plugin because only integration tests use sqlite-jdbc.

Issues Resolved

#1669

Check List

• New functionality includes testing.
  • All tests pass, including unit test, integration test and doctest
• New functionality has been documented.
  • New functionality has javadoc added
  • New functionality has user manual doc added
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov]

Codecov Report

Merging #1667 (4e51282) into main (c7dfdb3) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main    #1667   +/-   ##
=========================================
  Coverage     97.29%   97.29%           
  Complexity     4408     4408           
=========================================
  Files           388      388           
  Lines         10944    10944           
  Branches        774      774           
=========================================
  Hits          10648    10648           
  Misses          289      289           
  Partials          7        7           

Flag	Coverage Δ
sql-engine	97.29% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[MaxKsyunz]

This introduced a proper CI failure 😱 . CorrectnessIT is failing for three test cases. Here's one of them:

 {
      "explain": "Schema type at [0] is different: this=[Type(name=-0.36651292058166435, type=[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT])], other=[Type(name=LOG(LOG(2)), type=[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT])], Schema type at [0] is different: this=[Type(name=-0.36651292058166435, type=[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT])], other=[Type(name=LOG(LOG(2)), type=[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT])]",
      "result": "Failed",
      "resultSets": [
        {
          "schema": [{
            "name": "-0.36651292058166435",
            "type": "[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT]"
          }],
          "dataRows": [[-0.36]],
          "database": "H2"
        },
        {
          "schema": [{
            "name": "LOG(LOG(2))",
            "type": "[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT]"
          }],
          "dataRows": [[-0.36]],
          "database": "OpenSearch"
        },
        {
          "schema": [{
            "name": "LOG(LOG(2))",
            "type": "[FLOAT, DOUBLE, REAL, DOUBLE PRECISION, DECFLOAT]"
          }],
          "dataRows": [[-0.52]],
          "database": "SQLite"
        }
      ],
      "id": 98,
      "errors": "",
      "sql": "SELECT log(log(2))"
    },

[rupal-bq]

@MaxKsyunz Can you look into failed test? If there's any blocker then we can check adding exception for this.

[Yury-Fridlyand]

Why it started to fail?

1
xerial/sqlite-jdbc#763
In the updated version, the default evaluation of log(x) has changed from ln(x) to log10(x), which is a breaking change.
Thanks @vamsi-amazon for finding this.

2
H2 DB returns valid result, but it changes column name. For example, for query select 1 + 1 H2 returns a result set with a column named 2.

3
Correctness test compares result (DBresult object) for every query gotten from OpenSearch with result from H2 and SQLite. If comparison with both references fails => query check fails => all test fails.

4
All queries with logarithms produced incorrect value on SQLite due to changes described in 1 and incorrect column name on H2 as described in 2. All queries with log call failed.

Fix

Don't validate column name on H2 results.

[dai-chen]

Thanks for the fix!

[opensearch-trigger-bot]

The backport to 1.3 failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.3 1.3
# Navigate to the new working tree
cd .worktrees/backport-1.3
# Create a new branch
git switch --create backport/backport-1667-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 dc4e468a4849d6f2fd28b15d1b926d8cce808a9f
# Push it to GitHub
git push --set-upstream origin backport/backport-1667-to-1.3
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.3

Then, create a pull request where the base branch is 1.3 and the compare/head branch is backport/backport-1667-to-1.3.

[opensearch-trigger-bot]

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-2.x 2.x
# Navigate to the new working tree
cd .worktrees/backport-2.x
# Create a new branch
git switch --create backport/backport-1667-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 dc4e468a4849d6f2fd28b15d1b926d8cce808a9f
# Push it to GitHub
git push --set-upstream origin backport/backport-1667-to-2.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-1667-to-2.x.