Skip to content

Commit

Permalink
HIVE-25054: Upgrade jodd-core dependency to get rid of CVE-2018-21234
Browse files Browse the repository at this point in the history 
… (Abhay Chennagiri, reviewed by Jesus Camacho Rodriguez)

Closes apache#2217
  • Loading branch information
@achennagiri @pan3793
achennagiri authored and pan3793 committed Mar 4, 2024
1 parent 63e2194 commit c7b762a
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 13 deletions.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@
<jline.version>2.12</jline.version>
<jms.version>2.0.2</jms.version>
<joda.version>2.8.1</joda.version>
<jodd.version>3.5.2</jodd.version>
<jodd.version>6.0.0</jodd.version>
<json.version>1.8</json.version>
<junit.version>4.11</junit.version>
<kryo.version>3.0.3</kryo.version>
Expand Down
4 changes: 2 additions & 2 deletions ql/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@
</dependency>
<dependency>
<groupId>org.jodd</groupId>
<artifactId>jodd-core</artifactId>
<artifactId>jodd-util</artifactId>
<version>${jodd.version}</version>
</dependency>
<dependency>
Expand Down Expand Up @@ -879,7 +879,7 @@
<include>javax.jdo:jdo-api</include>
<include>commons-lang:commons-lang</include>
<include>org.apache.commons:commons-lang3</include>
<include>org.jodd:jodd-core</include>
<include>org.jodd:jodd-util</include>
<include>com.tdunning:json</include>
<include>org.apache.avro:avro</include>
<include>org.apache.avro:avro-mapred</include>
Expand Down
16 changes: 9 additions & 7 deletions ql/src/java/org/apache/hadoop/hive/ql/io/parquet/timestamp/NanoTimeUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
import java.util.TimeZone;
import java.util.concurrent.TimeUnit;

import jodd.datetime.JDateTime;
import jodd.time.JulianDate;

/**
* Utilities for converting from java.sql.Timestamp to parquet timestamp.
Expand Down Expand Up @@ -63,9 +63,10 @@ public static NanoTime getNanoTime(Timestamp ts, boolean skipConversion) {
if (calendar.get(Calendar.ERA) == GregorianCalendar.BC) {
year = 1 - year;
}
JDateTime jDateTime = new JDateTime(year,
JulianDate jDateTime;
jDateTime = JulianDate.of(year,
calendar.get(Calendar.MONTH) + 1, //java calendar index starting at 1.
calendar.get(Calendar.DAY_OF_MONTH));
calendar.get(Calendar.DAY_OF_MONTH), 0, 0, 0, 0);
int days = jDateTime.getJulianDayNumber();

long hour = calendar.get(Calendar.HOUR_OF_DAY);
Expand All @@ -90,11 +91,12 @@ public static Timestamp getTimestamp(NanoTime nt, boolean skipConversion) {
julianDay--;
}

JDateTime jDateTime = new JDateTime((double) julianDay);
JulianDate jDateTime;
jDateTime = JulianDate.of((double) julianDay);
Calendar calendar = getCalendar(skipConversion);
calendar.set(Calendar.YEAR, jDateTime.getYear());
calendar.set(Calendar.MONTH, jDateTime.getMonth() - 1); //java calendar index starting at 1.
calendar.set(Calendar.DAY_OF_MONTH, jDateTime.getDay());
calendar.set(Calendar.YEAR, jDateTime.toLocalDateTime().getYear());
calendar.set(Calendar.MONTH, jDateTime.toLocalDateTime().getMonth().getValue() - 1); //java calendar index starting at 1.
calendar.set(Calendar.DAY_OF_MONTH, jDateTime.toLocalDateTime().getDayOfMonth());

int hour = (int) (remainder / (NANOS_PER_HOUR));
remainder = remainder % (NANOS_PER_HOUR);
Expand Down
6 changes: 3 additions & 3 deletions service/src/resources/hive-webapps/hiveserver2/hiveserver2.jsp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
import="java.util.Collection"
import="java.util.Date"
import="java.util.List"
import="jodd.util.HtmlEncoder"
import="jodd.net.HtmlEncoder"
%>

<%
Expand Down Expand Up @@ -147,7 +147,7 @@ for (HiveSession hiveSession: hiveSessions) {
%>
<tr>
<td><%= operation.getUserName() %></td>
<td><%= HtmlEncoder.strict(operation.getQueryDisplay() == null ? "Unknown" : operation.getQueryDisplay().getQueryString()) %></td>
<td><%= HtmlEncoder.text(operation.getQueryDisplay() == null ? "Unknown" : operation.getQueryDisplay().getQueryString()) %></td>
<td><%= operation.getExecutionEngine() %>
<td><%= operation.getState() %></td>
<td><%= new Date(operation.getBeginTime()) %></td>
Expand Down Expand Up @@ -188,7 +188,7 @@ for (HiveSession hiveSession: hiveSessions) {
%>
<tr>
<td><%= operation.getUserName() %></td>
<td><%= HtmlEncoder.strict(operation.getQueryDisplay() == null ? "Unknown" : operation.getQueryDisplay().getQueryString()) %></td>
<td><%= HtmlEncoder.text(operation.getQueryDisplay() == null ? "Unknown" : operation.getQueryDisplay().getQueryString()) %></td>
<td><%= operation.getExecutionEngine() %>
<td><%= operation.getState() %></td>
<td><%= operation.getElapsedTime()/1000 %></td>
Expand Down

0 comments on commit c7b762a

Please sign in to comment.