[jira] [Resolved] (JENA-1497) ParameterizedSparqlString detects delimiters incorrectly

Rob Vesse (JIRA) Mon, 05 Mar 2018 06:57:31 -0800

     [ 
https://issues.apache.org/jira/browse/JENA-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Rob Vesse resolved JENA-1497.
-----------------------------
       Resolution: Fixed
    Fix Version/s: Jena 3.7.0

Fixed for the 3.7.0 release

> ParameterizedSparqlString detects delimiters incorrectly
> --------------------------------------------------------
>
>                 Key: JENA-1497
>                 URL: https://issues.apache.org/jira/browse/JENA-1497
>             Project: Apache Jena
>          Issue Type: Bug
>          Components: ARQ
>    Affects Versions: Jena 3.6.0
>            Reporter: Rob Vesse
>            Assignee: Rob Vesse
>            Priority: Major
>             Fix For: Jena 3.7.0
>
>
> As reported on the mailing list - 
> [https://lists.apache.org/thread.html/3855aa8046cfea61433042655144f071c56baa7c5d61a78544730455@%3Cusers.jena.apache.org%3E|https://lists.apache.org/thread.html/3855aa8046cfea61433042655144f071c56baa7c5d61a78544730455@%3Cusers.jena.apache.org%3E]
> Investigation shows that the delimiter parsing logic has some flaws that 
> causes it to do the wrong thing resulting in the possibility of incorrect 
> detection of injection attacks leading to some valid SPARQL strings being 
> rejected when attempting to inject parameters.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (JENA-1497) ParameterizedSparqlString detects delimiters incorrectly

Reply via email to