[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14967695#comment-14967695 ] Rick Hillegas commented on SPARK-10977: --- I have created a pull request for SPARK-10857 which also

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14951880#comment-14951880 ] Sean Owen commented on SPARK-10977: --- If it's simple, quoting sounds good. This isn't really a SQL

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14951865#comment-14951865 ] Rick Hillegas commented on SPARK-10977: --- Hi Sean, Yes, I hope to post some patches soon. Thanks.

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14951752#comment-14951752 ] Sean Owen commented on SPARK-10977: --- Cool, are you working on a PR? > SQL injection bugs in JdbcUtils

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14950543#comment-14950543 ] Rick Hillegas commented on SPARK-10977: --- Thanks, Sean. Yes, I agree. I don't have any better

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14948302#comment-14948302 ] Sean Owen commented on SPARK-10977: --- It's a JDBC thing rather than database specific (e.g. parsed by

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14949110#comment-14949110 ] Rick Hillegas commented on SPARK-10977: --- Hi Sean, The following code raises exceptions on MySQL,

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14949149#comment-14949149 ] Sean Owen commented on SPARK-10977: --- Great, thanks for checking that. I suspected it doesn't work for

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14947928#comment-14947928 ] Rick Hillegas commented on SPARK-10977: --- Hi Sean, That approach may work for some databases. The ?

[jira] [Commented] (SPARK-10977) SQL injection bugs in JdbcUtils and DataFrameWriter

[ https://issues.apache.org/jira/browse/SPARK-10977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14947236#comment-14947236 ] Sean Owen commented on SPARK-10977: --- Since this is JBDC and you're making a PreparedStatement, can't