Sparx Systems Forum

Enterprise Architect => Bugs and Issues => Topic started by: aloeffen on June 27, 2025, 10:58:37 pm

Title: Bug in export to XMI: SQL API Open FAILED with error -- Images
Post by: aloeffen on June 27, 2025, 10:58:37 pm

Case description:
Some EA project export with SQL errors due to flawed image ID recognition routine.

How to test:
In EA 17 create a class diagram and a class with some tagged value. Set the value to id=00001&type=term 
Export to XMI 1.1 or 1.2

Result:
The SQL query that collects images to export (cf. image manager) causes API error: SQL API Open FAILED with error: no such column: term
If images are introduced in notes fields, none of these images are exported.

Possible reason:
The routine that finds references to images triggers on id= anywhere in de value and all text that follows it.
- This method of identifying images is flawed. 
- The & is the reason the SQL query fails.

Impact:
Very big impact for projects that rely on XMI exports that use, for example, URL values for tagged values as in http://www.sample.com?id=00001&type=term.
The export is halted, waiting for user okay. 

Tested on:
EA 17.0.1704 64 bit

Title: Re: Bug in export to XMI: SQL API Open FAILED with error -- Images
Post by: Geert Bellekens on June 28, 2025, 01:58:03 am

Hmm, SQL Injection anyone?

Geert