[kylin] 26/44: Prevent uncontrolled data used in path expression

nic Fri, 07 Feb 2020 06:26:30 -0800

This is an automated email from the ASF dual-hosted git repository.

nic pushed a commit to branch 3.0.x
in repository https://gitbox.apache.org/repos/asf/kylin.git


commit 2ee8e246be1f53fa0334acf525f91b87e2ee8b6d
Author: nichunen <n...@apache.org>
AuthorDate: Fri Jan 10 21:04:21 2020 +0800

    Prevent uncontrolled data used in path expression
---
 .../java/org/apache/kylin/metadata/badquery/BadQueryHistoryManager.java  | 1 +
 1 file changed, 1 insertion(+)

diff --git 
a/core-metadata/src/main/java/org/apache/kylin/metadata/badquery/BadQueryHistoryManager.java
 
b/core-metadata/src/main/java/org/apache/kylin/metadata/badquery/BadQueryHistoryManager.java
index 843e9e9..812d3c3 100644
--- 
a/core-metadata/src/main/java/org/apache/kylin/metadata/badquery/BadQueryHistoryManager.java
+++ 
b/core-metadata/src/main/java/org/apache/kylin/metadata/badquery/BadQueryHistoryManager.java
@@ -57,6 +57,7 @@ public class BadQueryHistoryManager {
     }
 
     public BadQueryHistory getBadQueriesForProject(String project) throws 
IOException {
+        project = project.replaceAll("[./]", "");
         BadQueryHistory badQueryHistory = 
getStore().getResource(getResourcePathForProject(project), 
BAD_QUERY_INSTANCE_SERIALIZER);
         if (badQueryHistory == null) {
             badQueryHistory = new BadQueryHistory(project);

[kylin] 26/44: Prevent uncontrolled data used in path expression

Reply via email to