Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question mark (?) in string literal erroneously detected as parameter bind marker #3125

Closed
hugograf opened this issue Aug 24, 2023 · 4 comments
Closed

Question mark (?) in string literal erroneously detected as parameter bind marker #3125

hugograf opened this issue Aug 24, 2023 · 4 comments
Assignees
@mp911de
Labels
type: regression A regression from a previous release
Milestone
3.0.10 (2022.0.10)

Comments

@hugograf
Copy link

Since the Spring Boot 3.1.3 release, the following native query no longer works:

SELECT itp.id_trans_imp_template AS idTransactionImportTemplate, itp.template_purpose AS templatePurpose, CAST(REGEXP_SUBSTR(itp.template_as_txt, '(?<=templateId\\\\=)(\\\\d+)(?:\\\\R)') AS INT) AS templateId FROM imp_trans_template itp WHERE itp.id_trans_imp_platform = ?1 AND itp.template_format_type = 1

The following error is generated:

Mixing of ? parameters and other forms like ?1 is not supported
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.resolveFieldValue(AutowiredAnnotationBeanPostProcessor.java:716) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:696) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:145) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessProperties(AutowiredAnnotationBeanPostProcessor.java:483) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1416) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:597) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:520) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:326) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:324) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:973) ~[spring-beans-6.0.11.jar:6.0.11]
	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:942) ~[spring-context-6.0.11.jar:6.0.11]
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:608) ~[spring-context-6.0.11.jar:6.0.11]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[spring-boot-3.1.3.jar:3.1.3]
	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:734) ~[spring-boot-3.1.3.jar:3.1.3]
	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:436) ~[spring-boot-3.1.3.jar:3.1.3]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:312) ~[spring-boot-3.1.3.jar:3.1.3]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306) ~[spring-boot-3.1.3.jar:3.1.3]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1295) ~[spring-boot-3.1.3.jar:3.1.3]
	at grafioschtrader.GrafioschtraderApplication.main(GrafioschtraderApplication.java:38) ~[classes/:na]

The question mark in the regular expression in the query should be directed to MariaDB.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Aug 24, 2023
@mp911de mp911de added type: regression A regression from a previous release and removed status: waiting-for-triage An issue we've not yet triaged labels Aug 24, 2023
@mp911de
Copy link
Member

mp911de commented Aug 24, 2023

It seems that we broke the parsing with a bugfix. We should not detect the question mark within the string literal.

@mp911de mp911de self-assigned this Aug 24, 2023
@mp911de mp911de changed the title Since 3.1.3: Mixing of ? parameters and other forms like ?1 is not supported Question mark in string literal erroneously detected as parameter bind marker Aug 25, 2023
@mp911de mp911de added this to the 3.0.10 (2022.0.10) milestone Aug 25, 2023
mp911de added a commit that referenced this issue Aug 25, 2023
@mp911de
Correctly validate mixed parameter bind marker usage.
bdbab71 
We now inspect individual parameters instead of the resulting query whether the query contains JDBC-style bind markers. Previously, we inspected the final (rewritten) query which might have contained question marks in literals leading to improper validation failures.

Closes #3125
mp911de added a commit that referenced this issue Aug 25, 2023
@mp911de
Correctly validate mixed parameter bind marker usage.
0559c38 
We now inspect individual parameters instead of the resulting query whether the query contains JDBC-style bind markers. Previously, we inspected the final (rewritten) query which might have contained question marks in literals leading to improper validation failures.

Closes #3125
@mp911de
Copy link
Member

mp911de commented Aug 25, 2023

That's fixed now and part of the latest snapshots. Care to give it a try with 3.1.4-SNAPSHOT to see whether the fix works for you?

@mp911de mp911de pinned this issue Aug 28, 2023
@mp911de mp911de changed the title Question mark in string literal erroneously detected as parameter bind marker Question mark (?) in string literal erroneously detected as parameter bind marker Aug 28, 2023
@mp911de
Copy link
Member

mp911de commented Aug 31, 2023

Fix for regression out of #3041/#3083.

@joshiste
Copy link

joshiste commented Sep 6, 2023

We have the same when using the sql() embedding function for hibernate. E.g.

-- Cast to some native type
select c from Computer c where c.ipAddress = sql('?::inet', '127.0.0.1')
-- Use some native operator
select h from Human h order by sql('(? <-> ?)', h.workLocation, h.homeLocation)

@mp911de mp911de unpinned this issue Sep 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mp911de mp911de

Labels
type: regression A regression from a previous release
Projects
None yet
Milestone
3.0.10 (2022.0.10)
Development

No branches or pull requests
4 participants
@mp911de @joshiste @spring-projects-issues @hugograf