GitHub user rvesse opened a pull request:
https://github.com/apache/jena/pull/370
Fix delimiter parsing logic (JENA-1497)
Logical flaws in using continue vs break inside inner loops where
causing the wrong delimiter positions to be detected and leading to
false positives being reported for potential injection attacks. Fixing
the logic allows the user test case to pass.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/rvesse/jena JENA-1497
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/jena/pull/370.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #370
commit 411c1031a0f51885f6966914c58202654614be13
Author: Rob Vesse
Date: 2018-03-05T10:25:24Z
Fix delimiter parsing logic (JENA-1497)
Logical flaws in using continue vs break inside inner loops where
causing the wrong delimiter positions to be detected and leading to
false positives being reported for potential injection attacks. Fixing
the logic allows the user test case to pass.
---
