You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@fineract.apache.org by al...@apache.org on 2023/02/21 06:25:52 UTC
[fineract] branch develop updated: FINERACT-1892: Paging fix
This is an automated email from the ASF dual-hosted git repository.
aleks pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/fineract.git
The following commit(s) were added to refs/heads/develop by this push:
new 34e8b046a FINERACT-1892: Paging fix
34e8b046a is described below
commit 34e8b046a2821271b63cf5161834f54b9b736bff
Author: Aleks <al...@apache.org>
AuthorDate: Sun Feb 19 22:47:52 2023 +0100
FINERACT-1892: Paging fix
---
.../fineract/infrastructure/core/data/PaginationParameters.java | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
index de5915d18..4a2eb6bb7 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/core/data/PaginationParameters.java
@@ -19,6 +19,7 @@
package org.apache.fineract.infrastructure.core.data;
import org.apache.commons.lang3.StringUtils;
+import org.apache.fineract.infrastructure.security.utils.SQLInjectionValidator;
/**
* <p>
@@ -44,6 +45,9 @@ public final class PaginationParameters {
}
private PaginationParameters(boolean paged, Integer offset, Integer limit, String orderBy, String sortOrder) {
+ SQLInjectionValidator.validateSQLInput(orderBy);
+ SQLInjectionValidator.validateSQLInput(sortOrder);
+
this.paged = paged;
this.offset = offset;
this.limit = limit;