[jira] [Created] (SLING-10197) JobManager findJobs throws QuerySyntaxException with a quoted value

Mon, 08 Mar 2021 08:34:05 -0800 

Wim Symons created SLING-10197:
----------------------------------

             Summary: JobManager findJobs throws QuerySyntaxException with a 
quoted value
                 Key: SLING-10197
                 URL: https://issues.apache.org/jira/browse/SLING-10197
             Project: Sling
          Issue Type: Bug
          Components: Event
    Affects Versions: Event 4.2.12
            Reporter: Wim Symons


This happens in AEM 6.5.6.0 when the "templates" are used and a cq:path with a 
single quote in the value is passed.

Stack trace:
{code:java}
02.03.2021 22:46:30.427 *WARN* [172.31.0.150 [1614725190407] POST 
/libs/wcm/core/content/reference.json HTTP/1.1] 
org.apache.sling.event.impl.jobs.JobManagerImpl Query syntax wrong 
/jcr:root/var/eventing/jobs//element(*,slingevent:Job)[@event.job.topic = 
'com/day/cq/replication/job/scene7' and not(@slingevent:finishedState) and 
((@cq:path = 
'/content/dam/images-vrt-video/canvas/als-je-eens-wist/extra's/THUMBNAIL 
Corona-maakt-ons-gezin-hechter foto Ines Keygnaert.jpeg'))] order by 
@slingevent:created ascending
org.apache.sling.api.resource.QuerySyntaxException: java.text.ParseException: 
Query:
/jcr:root/var/eventing/jobs//element(*,slingevent:Job)[@event.job.topic = 
'com/day/cq/replication/job/scene7' and not(@slingevent:finishedState) and 
((@cq:path = 
'/content/dam/images-vrt-video/canvas/als-je-eens-wist/extra's/THUMBNAIL 
Corona-maakt-ons-gezin-hechter foto Ines Keygnaert.jpeg(*)'))] order by 
@slingevent:created ascending
        at 
org.apache.sling.jcr.resource.internal.helper.jcr.BasicQueryLanguageProvider.findResources(BasicQueryLanguageProvider.java:87)
        at 
org.apache.sling.resourceresolver.impl.providers.stateful.AuthenticatedResourceProvider.findResources(AuthenticatedResourceProvider.jav
a:260)
        at 
org.apache.sling.resourceresolver.impl.helper.ResourceResolverControl.findResources(ResourceResolverControl.java:457)
        at 
org.apache.sling.resourceresolver.impl.ResourceResolverImpl.findResources(ResourceResolverImpl.java:548)
        at 
org.apache.sling.event.impl.jobs.JobManagerImpl.findJobs(JobManagerImpl.java:523)
        at 
com.day.cq.replication.impl.queue.ReplicationQueueImpl.hasEntries(ReplicationQueueImpl.java:178)
        at 
com.day.cq.replication.impl.ReplicationStatusImpl.isPending(ReplicationStatusImpl.java:111)
        at 
com.day.cq.replication.impl.ReplicationStatusImpl.isDelivered(ReplicationStatusImpl.java:169)
        at 
com.day.cq.wcm.core.impl.reference.ActivationReferenceSearchServlet.doGet(ActivationReferenceSearchServlet.java:162)
        at 
com.day.cq.wcm.core.impl.reference.ActivationReferenceSearchServlet.doPost(ActivationReferenceSearchServlet.java:91)
  {code}

Issue is at 
https://github.com/apache/sling-org-apache-sling-event/blob/org.apache.sling.event-4.2.12/src/main/java/org/apache/sling/event/impl/jobs/JobManagerImpl.java#L505,
 where "value" is not escaped.





--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to