[
https://issues.apache.org/jira/browse/SOLR-11288?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16140329#comment-16140329
]
Andrzej Bialecki commented on SOLR-11288:
------------------------------------------
Something like this?
{code}
static final Pattern COMMA_REGEX = Pattern.compile("(?<!" + Pattern.quote("\\")
+ ")" + Pattern.quote(","));
public static String[] split(String s) {
String[] parts = COMMA_REGEX.split(s);
return unescape(parts);
}
String[] unescape(String[] ss) {
...
}
{code}
> String.split(",") used in inappropriate places
> ----------------------------------------------
>
> Key: SOLR-11288
> URL: https://issues.apache.org/jira/browse/SOLR-11288
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Yonik Seeley
>
> I've run across a number of places in the code base that use
> String.split(",") to parse a comma separated list of values. When the values
> can be any strings, this will break if any values contain a comma. The break
> will often not be visible to the user, but will silently return incorrect or
> inaccurate results.
> The fix is to use something that does backslash escaping when combining into
> a comma separated list, combined with a parsing method that removes backslash
> escaping.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
