alhudz opened a new pull request, #5008:
URL: https://github.com/apache/calcite/pull/5008

   ## Jira Link
   
   A Jira can be filed for this if preferred; raising the patch first since the 
change is a small, self-contained fix.
   
   ## Changes Proposed
   
   `Repro:` `parse_url('http://h/p?k1=v1&k2=v2', 'QUERY', 'k.')` and 
`parse_url('http://h/p?k1=v1', 'QUERY', '(')`.
   
   `Expected:` the first returns `NULL` (no parameter is literally named `k.`); 
the second returns `NULL` (no parameter named `(`).
   
   `Actual:` `ParseUrlFunction.keyToPattern` builds the lookup with 
`Pattern.compile("(&|^)" + keyToExtract + "=([^&]*)")`, so the key is spliced 
into the regex unescaped. The key is the third `PARSE_URL` argument and crosses 
the trust boundary. Regex metacharacters in the key are interpreted, so `k.` 
matches `k1` and wrongly returns `v1`, and a key that is not a valid regex such 
as `(` throws `PatternSyntaxException` out of the function instead of yielding 
a result.
   
   `Fix:` wrap the key in `Pattern.quote` so it is matched literally, which is 
the documented key semantics. `Pattern.quote` is already the idiom used 
elsewhere in `SqlFunctions` (the `split` helper).
   
   `Test:` `SqlOperatorTest.testParseUrl` gains cases for a metacharacter key 
and a non-regex key; both fail on the unpatched tree and pass after.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to