To everyone facing the *Values of types "BOOLEAN" and "INTEGER" are not
comparable* error message, you can create a class that will override the
*toBooleanValueString* method as Evgenij suggested :
package com.myCorp;
import org.hibernate.dialect.H2Dialect;
public class H2DialectExtended extends H2Dialect {
@Override
public String toBooleanValueString(boolean bool) {
return bool ? "TRUE" : "FALSE";
}
}
And load it in your Spring Boot testing application.properties :
spring.jpa.properties.hibernate.dialect=com.myCorp.H2DialectExtended
This way, Hibernate will write :
WHERE myBooleanColumn=TRUE
instead of :
WHERE myBooleanColumn=1
Which will solve the problem as the myBooleanColumn is of type H2 Boolean.
Le lundi 10 janvier 2022 à 10 h 42 min 45 s UTC-5, [email protected] a
écrit :
> Thanks for your answer.
>
> I know about the vulnerability - I don't even use the console or H2 in
> production.. but my project has a policy about CVE. This vulnerability is
> tagged by our CI/CD system and I have to fix it or remove the dependency. I
> just can't say "it's not exploitable" if the vulnerability scanner tag the
> cve, the release will not be allowed.
>
>
>
> Le lundi 10 janvier 2022 à 16:25:00 UTC+1, Evgenij Ryazanov a écrit :
>
>> Hello.
>>
>> This vulnerability affects only the H2 Console and it may harm you only
>> if you run it with -webAllowOthers parameter without additional
>> protection. You shouldn't do that with any version of H2.
>>
>> https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
>> It doesn't affect H2 Database in any way.
>>
>> H2 since the version 2.0.204 has LEGACY mode, it this mode some (but not
>> all) wrong commands are allowed, including equality comparisons between
>> numeric and boolean values. To enable this mode you need to add
>> ;MODE=LEGACY to JDBC URL.
>>
>
--
You received this message because you are subscribed to the Google Groups "H2
Database" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/h2-database/404e912a-75b1-4c3f-b14c-54607c67cee7n%40googlegroups.com.
