rewriteBatchedStatements / SQL injection
Posted by:
Martin Ley
Date: March 05, 2018 03:10AM
We are using a Google CloudSQL MySQL instance with the MySQL Connector/J and Spring Data on top.
We notice some performance issues when inserting large amounts of data. Setting rewriteBatchedStatements=true improves performance dramatically. But the documentation says:
> Notice that this has the potential for SQL injection if using plain java.sql.Statements and your code doesn't sanitize input correctly.
What does that mean exactly? Can you give an exmaple how such an SQL injection could be accomplished and prevented?
Thanks.
Subject
Written By
Posted
rewriteBatchedStatements / SQL injection
March 05, 2018 03:10AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.