DBZ-6157 Disable potentially dangerous MySQL JDBC props
This commit is contained in:
parent
4be4f5c874
commit
58ef4f0b98
@ -524,6 +524,13 @@ public MySqlConnectionConfiguration(Configuration config) {
|
||||
|
||||
jdbcConfigBuilder.with(JDBC_PROPERTY_CONNECTION_TIME_ZONE, determineConnectionTimeZone(dbConfig));
|
||||
|
||||
// Set and remove options to prevent potential vulnerabilities
|
||||
jdbcConfigBuilder
|
||||
.with("allowLoadLocalInfile", "false")
|
||||
.with("allowUrlInLocalInfile", "false")
|
||||
.with("autoDeserialize", false)
|
||||
.without("queryInterceptors");
|
||||
|
||||
this.jdbcConfig = JdbcConfiguration.adapt(jdbcConfigBuilder.build());
|
||||
String driverClassName = this.jdbcConfig.getString(MySqlConnectorConfig.JDBC_DRIVER);
|
||||
factory = JdbcConnection.patternBasedFactory(MySqlConnection.URL_PATTERN, driverClassName, getClass().getClassLoader());
|
||||
|
@ -97,6 +97,12 @@ public Builder withDefault(String key, String value) {
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder without(String key) {
|
||||
builder.without(key);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder apply(Consumer<SqlServerJdbcConfiguration.Builder> function) {
|
||||
function.accept(this);
|
||||
@ -148,6 +154,12 @@ public Builder withDefault(String key, String value) {
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder without(String key) {
|
||||
builder.without(key);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder apply(Consumer<SqlServerJdbcConfiguration.Builder> function) {
|
||||
function.accept(this);
|
||||
|
@ -475,6 +475,14 @@ default B withDefault(Field field, Class<?> value) {
|
||||
return withDefault(field.name(), value != null ? value.getName() : null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove the value associated with the specified key.
|
||||
*
|
||||
* @param key the key
|
||||
* @return this builder object so methods can be chained together; never null
|
||||
*/
|
||||
B without(String key);
|
||||
|
||||
/**
|
||||
* Apply the function to this builder.
|
||||
*
|
||||
@ -691,6 +699,12 @@ public Builder withDefault(String key, String value) {
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder without(String key) {
|
||||
props.remove(key);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder apply(Consumer<Builder> function) {
|
||||
function.accept(this);
|
||||
|
@ -213,6 +213,12 @@ public Builder withDefault(String key, String value) {
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder without(String key) {
|
||||
builder.without(key);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder apply(Consumer<Builder> function) {
|
||||
function.accept(this);
|
||||
@ -264,6 +270,12 @@ public Builder withDefault(String key, String value) {
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder without(String key) {
|
||||
builder.without(key);
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Builder apply(Consumer<Builder> function) {
|
||||
function.accept(this);
|
||||
|
Loading…
Reference in New Issue
Block a user