From ec3481ed13254ecdec32acf7a0fafd536ec77aff Mon Sep 17 00:00:00 2001 From: Marios Trivyzas Date: Mon, 16 Mar 2020 13:49:48 +0100 Subject: [PATCH] SQL: Fix NPE for parameterized LIKE/RLIKE (#53573) Fix NPE when `null` is passed as a parameter for a parameterized pattern of LIKE/RLIKE. e.g.: `field LIKE ?` params=[null]` Check for null pattern in LIKE/RLIKE as for RLIKE (RegexpQuery) we get an IllegalArgumentExpression from Lucence but for LIKE (WildcardQuery) we get an NPE. Fixes: #53557 --- .../xpack/sql/parser/ExpressionBuilder.java | 3 +++ .../xpack/sql/parser/ExpressionTests.java | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/parser/ExpressionBuilder.java b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/parser/ExpressionBuilder.java index bf8b22d8a39d5..671d90fbd54f6 100644 --- a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/parser/ExpressionBuilder.java +++ b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/parser/ExpressionBuilder.java @@ -264,6 +264,9 @@ public LikePattern visitPattern(PatternContext ctx) { } String pattern = string(ctx.value); + if (pattern == null) { + throw new ParsingException(source(ctx.value), "Pattern must not be [null]"); + } int pos = pattern.indexOf('*'); if (pos >= 0) { throw new ParsingException(source(ctx.value), diff --git a/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/parser/ExpressionTests.java b/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/parser/ExpressionTests.java index ad2d3066e121f..6211f40e0f0e5 100644 --- a/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/parser/ExpressionTests.java +++ b/x-pack/plugin/sql/src/test/java/org/elasticsearch/xpack/sql/parser/ExpressionTests.java @@ -21,16 +21,19 @@ import org.elasticsearch.xpack.sql.expression.predicate.operator.arithmetic.Add; import org.elasticsearch.xpack.sql.expression.predicate.operator.arithmetic.Mul; import org.elasticsearch.xpack.sql.expression.predicate.operator.arithmetic.Sub; +import org.elasticsearch.xpack.sql.proto.SqlTypedParamValue; import java.time.Duration; import java.time.Period; import java.time.temporal.TemporalAmount; +import java.util.Collections; import java.util.Locale; import static java.lang.String.format; import static org.elasticsearch.xpack.ql.type.DataTypes.BOOLEAN; import static org.elasticsearch.xpack.ql.type.DataTypes.DOUBLE; import static org.elasticsearch.xpack.ql.type.DataTypes.INTEGER; +import static org.elasticsearch.xpack.ql.type.DataTypes.KEYWORD; import static org.elasticsearch.xpack.ql.type.DataTypes.LONG; import static org.hamcrest.Matchers.startsWith; @@ -542,4 +545,11 @@ public void testCaseWithOperand() { assertEquals("WHEN 1 THEN 'one'", ifc.sourceText()); assertEquals("many", c.elseResult().toString()); } + + public void testLikePatternWithNullParameterNotAllowed() { + ParsingException e = expectThrows(ParsingException.class, + () -> parser.createExpression("a LIKE ?", + Collections.singletonList(new SqlTypedParamValue(KEYWORD.typeName(), null)))); + assertEquals("line 1:9: Pattern must not be [null]", e.getMessage()); + } }