You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@fineract.apache.org by al...@apache.org on 2023/02/19 21:01:56 UTC
[fineract] branch 1.8.4 updated: FINERACT-1868: Paging fix for 1.8.x
This is an automated email from the ASF dual-hosted git repository.
aleks pushed a commit to branch 1.8.4
in repository https://gitbox.apache.org/repos/asf/fineract.git
The following commit(s) were added to refs/heads/1.8.4 by this push:
new 8cede8d39 FINERACT-1868: Paging fix for 1.8.x
8cede8d39 is described below
commit 8cede8d393d717cb163c18c3e22cca22eb230dd4
Author: Aleks <al...@apache.org>
AuthorDate: Wed Jan 25 23:15:31 2023 +0100
FINERACT-1868: Paging fix for 1.8.x
---
.../fineract/infrastructure/core/data/PaginationParameters.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
index de5915d18..4a2eb6bb7 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
@@ -19,6 +19,7 @@
package org.apache.fineract.infrastructure.core.data;
import org.apache.commons.lang3.StringUtils;
+import org.apache.fineract.infrastructure.security.utils.SQLInjectionValidator;
/**
* <p>
@@ -44,6 +45,9 @@ public final class PaginationParameters {
}
private PaginationParameters(boolean paged, Integer offset, Integer limit, String orderBy, String sortOrder) {
+ SQLInjectionValidator.validateSQLInput(orderBy);
+ SQLInjectionValidator.validateSQLInput(sortOrder);
+
this.paged = paged;
this.offset = offset;
this.limit = limit;