Simeon Simeonov created SPARK-14443:
---------------------------------------
Summary: parse_url() does not escape query parameters
Key: SPARK-14443
URL: https://issues.apache.org/jira/browse/SPARK-14443
Project: Spark
Issue Type: Bug
Components: SQL
Affects Versions: 1.6.0
Environment: Databricks
Reporter: Simeon Simeonov
To reproduce, run the following SparkSQL statement:
{code}
select
parse_url('http://1168.xg4ken.com/media/redir.php?prof=457&camp=67116&affcode=kw54&k_inner_url_encoded=1&cid=adwords&kdv=Desktop&url[]=http%3A%2F%2Fwww.landroverusa.com%2Fvehicles%2Frange-rover-sport-off-road-suv%2Findex.html%3Futm_content%3Dcontent%26utm_source%fb%26utm_medium%3Dcpc%26utm_term%3DAdwords_Brand_Range_Rover_Sport%26utm_campaign%3DFB_Land_Rover_Brand',
'QUERY', 'url[]')
{code}
The exception is ultimately caused by
{code}
java.util.regex.PatternSyntaxException: Unclosed character class near index 17
(&|^)url[]=([^&]*)
^
{code}
Looks like the code is building a regex internally without escaping the passed
in query parameter name.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
