[
https://issues.apache.org/jira/browse/SPARK-57960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Peter Toth updated SPARK-57960:
-------------------------------
Affects Version/s: 4.0.3
4.1.2
3.5.8
4.2.0
(was: 5.0.0)
> Escape table and schema identifiers in JDBC dialect index metadata queries
> --------------------------------------------------------------------------
>
> Key: SPARK-57960
> URL: https://issues.apache.org/jira/browse/SPARK-57960
> Project: Spark
> Issue Type: Bug
> Components: SQL
> Affects Versions: 3.5.8, 4.2.0, 4.1.2, 4.0.3
> Reporter: Peter Toth
> Assignee: Peter Toth
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.5.9, 4.3.0, 4.1.3, 4.0.4, 4.2.1
>
>
> PostgresDialect.indexExists and H2Dialect.indexExists/listIndexes embed the
> table (and, for H2, schema) name into a SQL string literal in the pg_indexes
> / INFORMATION_SCHEMA lookup query without escaping. A table or schema name
> containing a single quote therefore produces a malformed query that fails
> with a syntax error. This is inconsistent with the index name in the same
> methods, which is already escaped via escapeSql (SPARK-57446 / SPARK-57447).
> Fix: apply escapeSql to the table/schema identifiers at these sites so
> quote-containing identifiers work correctly. (MySQLDialect.indexExists places
> the table in identifier position via quoteIdentifier and is already correct.)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]