SuccessChanges

Summary

  1. [SPARK-24542][SQL] UDF series UDFXPathXXXX allow users to pass carefully (commit: 50cdb4138e5cb0e0d15f739db8066f3ea86ef037) (details)
  2. [SPARK-24583][SQL] Wrong schema type in InsertIntoDataSourceCommand (commit: d687d97b116beafa7f4375f1876049f5da4f5ba7) (details)
Commit 50cdb4138e5cb0e0d15f739db8066f3ea86ef037 by wenchen
[SPARK-24542][SQL] UDF series UDFXPathXXXX allow users to pass carefully
crafted XML to access arbitrary files
## What changes were proposed in this pull request?
UDF series UDFXPathXXXX allow users to pass carefully crafted XML to
access arbitrary files. Spark does not have built-in access control.
When users use the external access control library, users might bypass
them and access the file contents.
This PR basically patches the Hive fix to Apache Spark.
https://issues.apache.org/jira/browse/HIVE-18879
## How was this patch tested?
A unit test case
Author: Xiao Li <gatorsmile@gmail.com>
Closes #21549 from gatorsmile/xpathSecurity.
(cherry picked from commit 9a75c18290fff7d116cf88a44f9120bf67d8bd27)
Signed-off-by: Wenchen Fan <wenchen@databricks.com>
(commit: 50cdb4138e5cb0e0d15f739db8066f3ea86ef037)
The file was modifiedsql/catalyst/src/test/scala/org/apache/spark/sql/catalyst/expressions/xml/UDFXPathUtilSuite.scala (diff)
The file was modifiedsql/catalyst/src/main/java/org/apache/spark/sql/catalyst/expressions/xml/UDFXPathUtil.java (diff)
The file was modifiedsql/catalyst/src/test/scala/org/apache/spark/sql/catalyst/expressions/xml/XPathExpressionSuite.scala (diff)
Commit d687d97b116beafa7f4375f1876049f5da4f5ba7 by gatorsmile
[SPARK-24583][SQL] Wrong schema type in InsertIntoDataSourceCommand
## What changes were proposed in this pull request?
Change insert input schema type: "insertRelationType" ->
"insertRelationType.asNullable", in order to avoid nullable being
overridden.
## How was this patch tested?
Added one test in InsertSuite.
Author: Maryann Xue <maryannxue@apache.org>
Closes #21585 from maryannxue/spark-24583.
(cherry picked from commit bc0498d5820ded2b428277e396502e74ef0ce36d)
Signed-off-by: Xiao Li <gatorsmile@gmail.com>
(commit: d687d97b116beafa7f4375f1876049f5da4f5ba7)
The file was modifiedsql/core/src/test/scala/org/apache/spark/sql/sources/InsertSuite.scala (diff)
The file was modifiedsql/core/src/main/scala/org/apache/spark/sql/execution/datasources/InsertIntoDataSourceCommand.scala (diff)