diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
index 2d7604fee68..b9da6aea2f0 100644
--- a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
+++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java
@@ -252,7 +252,8 @@ public synchronized <T> T lookup(final String name) throws NamingException {
                 }
             }
         } catch (URISyntaxException ex) {
-            // This is OK.
+            LOGGER.warn("Invalid JNDI URI - {}", name);
+            return null;
         }
         return (T) this.context.lookup(name);
     }
diff --git a/log4j-core/src/test/java/org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest.java b/log4j-core/src/test/java/org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest.java
index 032c9c4d852..c9233a650a8 100644
--- a/log4j-core/src/test/java/org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest.java
+++ b/log4j-core/src/test/java/org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest.java
@@ -56,6 +56,19 @@ public static void beforeClass() {
         System.setProperty("log4j2.allowedJndiProtocols", "dns");
     }
 
+    @Test
+    public void testBadUriLookup() throws Exception {
+        int port = embeddedLdapRule.embeddedServerPort();
+        Context context = embeddedLdapRule.context();
+        context.bind(   "cn=" + RESOURCE +"," + DOMAIN_DSN, new Fruit("Test Message"));
+        final StrLookup lookup = new JndiLookup();
+        String result = lookup.lookup(LDAP_URL + port + "/" + "cn=" + RESOURCE + "," + DOMAIN_DSN
+            + "?Type=A Type&Name=1100110&Char=!");
+        if (result != null) {
+            fail("Lookup returned an object");
+        }
+    }
+
     @Test
     public void testReferenceLookup() throws Exception {
         int port = embeddedLdapRule.embeddedServerPort();