Michael Vorburger created FINERACT-1123:
-------------------------------------------
Summary: StringIndexOutOfBoundsException at ColumnValidator
Key: FINERACT-1123
URL: https://issues.apache.org/jira/browse/FINERACT-1123
Project: Apache Fineract
Issue Type: Bug
Reporter: Michael Vorburger
See FINERACT-932 for general background; on 23.07.20 (only) there were x2 of
these in logs of https://www.fineract.dev :
{noformat}java.lang.StringIndexOutOfBoundsException: begin -1, end 4, length 947
at java.lang.String.checkBoundsBeginEnd (String.java:3319)
at java.lang.String.substring (String.java:1874)
at
org.apache.fineract.infrastructure.security.utils.ColumnValidator.getTableColumnMap
(ColumnValidator.java:121)
at
org.apache.fineract.infrastructure.security.utils.ColumnValidator.validateSqlInjection
(ColumnValidator.java:107)
at
org.apache.fineract.portfolio.client.service.ClientReadPlatformServiceImpl.buildSqlStringFromClientCriteria
(ClientReadPlatformServiceImpl.java:241)
at
org.apache.fineract.portfolio.client.service.ClientReadPlatformServiceImpl.retrieveAll
(ClientReadPlatformServiceImpl.java:200)
at
org.apache.fineract.portfolio.client.api.ClientsApiResource.retrieveAll
(ClientsApiResource.java:189)
at
org.apache.fineract.portfolio.client.api.ClientsApiResource.retrieveAll
(ClientsApiResource.java:176){noformat}
[~Manthan] I'm not fully up to speed on your current efforts (I'll try to catch
up, time permitting) and was curious if you were going to plan to eventually
fully remove
{{org.apache.fineract.infrastructure.security.utils.ColumnValidator.getTableColumnMap()}}
? If yes, then this is a a non-issue that's probably not worth fixing. Perhaps
just link this bug to whatever other issue will remove the class.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
