[
https://issues.apache.org/jira/browse/JENA-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16386159#comment-16386159
]
ASF subversion and git services commented on JENA-1497:
-------------------------------------------------------
Commit 2e732b48500f5856d9b4ba639960b8bd8baa8a1a in jena's branch
refs/heads/master from [~rvesse]
[ https://git-wip-us.apache.org/repos/asf?p=jena.git;h=2e732b4 ]
Merge branch 'JENA-1497'
This closes #370
> ParameterizedSparqlString detects delimiters incorrectly
> --------------------------------------------------------
>
> Key: JENA-1497
> URL: https://issues.apache.org/jira/browse/JENA-1497
> Project: Apache Jena
> Issue Type: Bug
> Components: ARQ
> Affects Versions: Jena 3.6.0
> Reporter: Rob Vesse
> Assignee: Rob Vesse
> Priority: Major
>
> As reported on the mailing list -
> [https://lists.apache.org/thread.html/3855aa8046cfea61433042655144f071c56baa7c5d61a78544730455@%3Cusers.jena.apache.org%3E|https://lists.apache.org/thread.html/3855aa8046cfea61433042655144f071c56baa7c5d61a78544730455@%3Cusers.jena.apache.org%3E]
> Investigation shows that the delimiter parsing logic has some flaws that
> causes it to do the wrong thing resulting in the possibility of incorrect
> detection of injection attacks leading to some valid SPARQL strings being
> rejected when attempting to inject parameters.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
