Possible SQL injection detected in ...

AutoSys User in New York

Jun 24, 2020, 10:38:38 AM
to AutoSys
On June 10th, we had a particular job fail to start. This job is run monthly, and no issues have been encountered prior to this, and no edits were made to the job. It is notable that in early June (prior to June 10th), we updated the agent from 11.4 to 11.5.

We have the following information on the issue:
Agent Status Long: "Possible SQL injection detected in Table Validation UPDATE - PRD"
Agent Status:         "Failed to get PS job data."

We have no record of receiving such error messages on any job prior to this incident.

In an attempt to remedy the situation, the email subject for the Distribution was changed from "Table Validation Update - PRD" to "Table Validation Upd - PRD". Once this was changed, the error no longer occurred.

No information in the 11.5 release notes accounts for this issue. "UPDATE" is a reserved word, but beyond that, can anyone provide any information on this issue?

daniel.shannon

Jun 24, 2020, 10:51:30 AM
to AutoSys
Have you opened a Support case and provided logs for review? I don't know of any reported problems with this symptom. I'm checking with engineering to get their thoughts.

Kantowski, Corinne

Jun 24, 2020, 10:54:01 AM
to aut...@googlegroups.com

Yes – I have opened a Support case, and am checking to see if we can replicate the error and provide those logs to Broadcom.
Thank you for checking with engineering. I look forward to their response!

daniel.shannon

Jun 24, 2020, 2:55:12 PM
to AutoSys
I found out that this was due to a code change designed to prevent SQL injection from occurring. Data that contains the following words corresponding to SQL keywords will be rejected: SELECT, INSERT, UPDATE, DROP, RENAME, CREATE, DELETE, GRANT, REVOKE, and WHERE. Unfortunately, I was not able to find this documented in the Release Notes. We'll get those updated.

Thanks for bringing this to our attention.

AutoSys User in New York

Jun 24, 2020, 3:26:30 PM
to AutoSys
Thank you for this information and for your help on this! Much appreciated.
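
The keyword check described in this thread, next to parameter binding, as an added example that is not part of the original posts and is not Broadcom's code. The keyword list is the one given above; the matching rule (case-insensitive, whole word), the `distribution` table and the function names are assumptions, and the third subject is constructed.

```python
import re
import sqlite3

# Keyword list as given in the thread. The matching rule below
# (case-insensitive, whole word) is an assumption; the agent's real
# logic is not shown on the page.
SQL_KEYWORDS = ("SELECT", "INSERT", "UPDATE", "DROP", "RENAME",
                "CREATE", "DELETE", "GRANT", "REVOKE", "WHERE")
_KEYWORD_RE = re.compile(r"\b(" + "|".join(SQL_KEYWORDS) + r")\b",
                         re.IGNORECASE)


def keyword_filter_rejects(value):
    """Return the matched keyword (upper-cased), or None if accepted."""
    m = _KEYWORD_RE.search(value)
    return m.group(1).upper() if m else None


def store_subject(conn, subject):
    """Bind the value as a parameter so it is data, never parsed as SQL."""
    conn.execute("INSERT INTO distribution(subject) VALUES (?)", (subject,))


SUBJECTS = [
    "Table Validation Update - PRD",  # rejected in the thread
    "Table Validation Upd - PRD",     # the workaround from the thread
    "O'Brien -- monthly run",         # constructed: quote and comment marker
]


def demo():
    """Run the filter and the parameterized insert over the same subjects."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE distribution(subject TEXT)")  # hypothetical table
    verdicts = {}
    for s in SUBJECTS:
        verdicts[s] = keyword_filter_rejects(s)
        store_subject(conn, s)  # stored verbatim whatever the filter says
    rows = conn.execute("SELECT subject FROM distribution ORDER BY rowid")
    return verdicts, [r[0] for r in rows]


if __name__ == "__main__":
    verdicts, stored = demo()
    for s in SUBJECTS:
        print(f"{s!r}: filter={verdicts[s] or 'accepted'}")
    print("stored via binding:", stored)
```

The filter rejects the ordinary English subject and accepts the one containing SQL metacharacters, while the bound parameter stores all three unchanged.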