Escape special characters while searching for an SBOM occurrence (!129361) · Merge requests · GitLab.org / GitLab

Mehmet Emin INAC requested to merge minac_escape_special_chars_for_ilike_predicate into master Aug 15, 2023

What does this MR do and why?

This is not a vulnerability as ActiveRecord already sanitizes the parameterized input but % and _ has special meaning for ILIKE predicate which can cause a bad user experience if the search parameter contains them.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Escape special characters while searching for an SBOM occurrence

What does this MR do and why?

MR acceptance checklist

Merge request reports