Posted to dev@jena.apache.org by "Rob Vesse (JIRA)" <ji...@apache.org> on 2018/03/05 14:57:00 UTC

[jira] [Resolved] (JENA-1497) ParameterizedSparqlString detects delimiters incorrectly

     [ https://issues.apache.org/jira/browse/JENA-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rob Vesse resolved JENA-1497.
-----------------------------
       Resolution: Fixed
    Fix Version/s: Jena 3.7.0

Fixed for the 3.7.0 release

> ParameterizedSparqlString detects delimiters incorrectly
> --------------------------------------------------------
>
>                 Key: JENA-1497
>                 URL: https://issues.apache.org/jira/browse/JENA-1497
>             Project: Apache Jena
>          Issue Type: Bug
>          Components: ARQ
>    Affects Versions: Jena 3.6.0
>            Reporter: Rob Vesse
>            Assignee: Rob Vesse
>            Priority: Major
>             Fix For: Jena 3.7.0
>
>
> As reported on the mailing list - https://lists.apache.org/thread.html/3855aa8046cfea61433042655144f071c56baa7c5d61a78544730455@%3Cusers.jena.apache.org%3E
> Investigation shows that the delimiter parsing logic has some flaws that cause it to do the wrong thing, resulting in the possibility of incorrect detection of injection attacks, leading to some valid SPARQL strings being rejected when attempting to inject parameters.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)