From 5f836622269f7db171923104462e9059645874fa Mon Sep 17 00:00:00 2001
From: Nathan Xu
Date: Sat, 14 Mar 2020 15:25:36 -0400
Subject: [PATCH] HHH-13889 fix the issue that inline string literal in Criteria is not escaped
---
 .../expression/LiteralExpression.java | 3 +-
 .../CriteriaStringInlineLiteralTest.java | 58 +++++++++++++++++++
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 hibernate-core/src/test/java/org/hibernate/query/criteria/CriteriaStringInlineLiteralTest.java
diff --git a/hibernate-core/src/main/java/org/hibernate/query/criteria/internal/expression/LiteralExpression.java b/hibernate-core/src/main/java/org/hibernate/query/criteria/internal/expression/LiteralExpression.java
index 855c842ab5..e7639a1dff 100644
--- a/hibernate-core/src/main/java/org/hibernate/query/criteria/internal/expression/LiteralExpression.java
+++ b/hibernate-core/src/main/java/org/hibernate/query/criteria/internal/expression/LiteralExpression.java
@@ -8,6 +8,7 @@ package org.hibernate.query.criteria.internal.expression;
 import java.io.Serializable;
+import org.hibernate.internal.util.StringHelper;
 import org.hibernate.query.criteria.LiteralHandlingMode;
 import org.hibernate.query.criteria.internal.CriteriaBuilderImpl;
 import org.hibernate.query.criteria.internal.ParameterRegistry;
@@ -118,7 +119,7 @@ public class LiteralExpression extends ExpressionImpl implements Serializa
 }
 if ( ValueHandlerFactory.isCharacter( literal ) ) {
- return '\'' + handler.render( literal ) + '\'';
+ return renderingContext.getDialect().inlineLiteral( handler.render( literal ) );
 }
 else {
 return handler.render( literal );
diff --git a/hibernate-core/src/test/java/org/hibernate/query/criteria/CriteriaStringInlineLiteralTest.java b/hibernate-core/src/test/java/org/hibernate/query/criteria/CriteriaStringInlineLiteralTest.java
new file mode 100644
index 0000000000..31bda50929
--- /dev/null
+++ b/hibernate-core/src/test/java/org/hibernate/query/criteria/CriteriaStringInlineLiteralTest.java
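Review bot: The added `import org.hibernate.internal.util.StringHelper;` in the first hunk of LiteralExpression.java is not referenced by anything this patch adds. The only new code line in the file calls `renderingContext.getDialect().inlineLiteral( ... )`. Unless code outside these hunks uses `StringHelper`, the import is dead and should be dropped, so the fix carries no unrelated dependency.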
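Review bot: Only the `isCharacter` branch in the second hunk of LiteralExpression.java is quoted and escaped; the `else` branch still returns `handler.render( literal )` verbatim into the query text. That is safe only if every non-character handler renders quote-free text, which is not visible here and is worth confirming. The new line also deserves a why-comment, for example `// inlined literals become part of the query string: quote and escape through the dialect, never by hand`. If the rendered string is parsed as JPQL/HQL before SQL is generated, check that dialect-specific escaping agrees with that parser's literal rules. The enclosing method starts and ends outside the hunk.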
@@ -0,0 +1,58 @@
+package org.hibernate.query.criteria;
+
+import javax.persistence.Entity;
+import javax.persistence.EntityManager;
+import javax.persistence.Id;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Expression;
+import javax.persistence.criteria.Root;
+
+import org.hibernate.jpa.test.BaseEntityManagerFunctionalTestCase;
+
+import org.hibernate.testing.TestForIssue;
+import org.junit.Test;
+
+/**
+ * @author Michiel Haisma
+ * @author Nathan Xu
+ */
+@TestForIssue( jiraKey = "HHH-13889" )
+public class CriteriaStringInlineLiteralTest extends BaseEntityManagerFunctionalTestCase {
+
+ @Override
+ protected Class[] getAnnotatedClasses() {
+ return new Class[] { Animal.class };
+ }
+
+ @Test
+ public void testCriteriaInlineStringLiteralRendering() {
+ EntityManager entityManager = getOrCreateEntityManager();
+ CriteriaBuilder cb = entityManager.getCriteriaBuilder();
+ CriteriaQuery criteriaQuery = cb.createQuery( Animal.class );
+
+ Root animalRoot = criteriaQuery.from( Animal.class );
+ CriteriaBuilder.Case sCase = cb.selectCase();
+ Expression caseSelect =
+ sCase.when( cb.equal( animalRoot.get( "name" ), cb.literal( "kitty" ) ), cb.literal( "Cat" ) )
+ .otherwise("escapez'moi" );
+ criteriaQuery.multiselect( caseSelect );
+ criteriaQuery.where( cb.equal( animalRoot.get( "name" ), "myFavoriteAnimal" ) );
+ entityManager.createQuery( criteriaQuery); // would throw exception for unescaped otherwise literal in HHH-13889
+ }
+
+ @Entity(name = "Animal")
+ public static class Animal {
+ @Id
+ private Long id;
+
+ private String name;
+
+ public Animal() {
+ }
+
+ public Animal(String name) {
+ this.name = name;
+ }
+ }
+}
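Review bot: `testCriteriaInlineStringLiteralRendering` only proves that `createQuery` no longer throws. It never executes the query, so it would still pass if the literal were rendered with wrong or doubled escaping. Executing the query against a persisted row and asserting that the selected value equals `"escapez'moi"` would pin the round trip; the `Animal` fixture as declared never assigns its `@Id`, so it would need one before it can be persisted. A second literal that ends in a quote or contains two consecutive quotes would cover the edge cases of the escaping. The entity manager from `getOrCreateEntityManager()` is not closed in the test; presumably the base class releases it, but that is not visible here.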