Details
- Bug
- Status: Closed
- Major
- Resolution: Auto Closed
Description
See FINERACT-932 for general background; on 23.07.20 (only) there were x2 of these in logs of https://www.fineract.dev :
java.lang.StringIndexOutOfBoundsException: begin -1, end 4, length 947
    at java.lang.String.checkBoundsBeginEnd (String.java:3319)
    at java.lang.String.substring (String.java:1874)
    at org.apache.fineract.infrastructure.security.utils.ColumnValidator.getTableColumnMap (ColumnValidator.java:121)
    at org.apache.fineract.infrastructure.security.utils.ColumnValidator.validateSqlInjection (ColumnValidator.java:107)
    at org.apache.fineract.portfolio.client.service.ClientReadPlatformServiceImpl.buildSqlStringFromClientCriteria (ClientReadPlatformServiceImpl.java:241)
    at org.apache.fineract.portfolio.client.service.ClientReadPlatformServiceImpl.retrieveAll (ClientReadPlatformServiceImpl.java:200)
    at org.apache.fineract.portfolio.client.api.ClientsApiResource.retrieveAll (ClientsApiResource.java:189)
    at org.apache.fineract.portfolio.client.api.ClientsApiResource.retrieveAll (ClientsApiResource.java:176)
Manthan, I'm not fully up to speed on your current efforts (I'll try to catch up, time permitting) and was curious if you were going to plan to eventually fully remove org.apache.fineract.infrastructure.security.utils.ColumnValidator.getTableColumnMap()? If yes, then this is a non-issue that's probably not worth fixing. Perhaps just link this bug to whatever other issue will remove the class.
Issue Links
- blocks: FINERACT-932 Parent Issue for Error Logs seeing during "normal" usage (e.g. on fineract.dev) (Open)
- is blocked by: FINERACT-1095 Remove direct sqlSearch support from /clients and all other APIs [Security & Performance] (In Progress)