Skip to content

Commit

Permalink
Fix MXParser fails to recognize illegal character references (codehau…
Browse files Browse the repository at this point in the history 
…s-plexus#132) (codehaus-plexus#133)

fix codehaus-plexus#132
  • Loading branch information
@belingueres
belingueres committed Jan 24, 2021
1 parent 2bd2a43 commit b5a006b
Show file tree
Hide file tree
Showing 17 changed files with 595 additions and 43 deletions.
107 changes: 64 additions & 43 deletions src/main/java/org/codehaus/plexus/util/xml/pull/MXParser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2534,44 +2534,7 @@ else if ( xmlnsPos == 5 )
}
if ( ch == '&' )
{
// extractEntityRef
posEnd = pos - 1;
if ( !usePC )
{
final boolean hadCharData = posEnd > posStart;
if ( hadCharData )
{
// posEnd is already set correctly!!!
joinPC();
}
else
{
usePC = true;
pcStart = pcEnd = 0;
}
}
// assert usePC == true;

final char[] resolvedEntity = parseEntityRef();
// check if replacement text can be resolved !!!
if ( resolvedEntity == null )
{
if ( entityRefName == null )
{
entityRefName = newString( buf, posStart, posEnd - posStart );
}
throw new XmlPullParserException( "could not resolve entity named '" + printable( entityRefName )
+ "'", this, null );
}
// write into PC replacement text - do merge for replacement text!!!!
for ( char aResolvedEntity : resolvedEntity )
{
if ( pcEnd >= pc.length )
{
ensurePC( pcEnd );
}
pc[pcEnd++] = aResolvedEntity;
}
extractEntityRef();
}
else if ( ch == '\t' || ch == '\n' || ch == '\r' )
{
Expand Down Expand Up @@ -2759,11 +2722,22 @@ else if ( ch >= 'A' && ch <= 'F' )
}
}
posEnd = pos - 1;
try

int codePoint = Integer.parseInt( sb.toString(), isHex ? 16 : 10 );
boolean isValidCodePoint = isValidCodePoint( codePoint );
if ( isValidCodePoint )
{
charRefOneCharBuf = Character.toChars( Integer.parseInt( sb.toString(), isHex ? 16 : 10 ) );
try
{
charRefOneCharBuf = Character.toChars( codePoint );
}
catch ( IllegalArgumentException e )
{
isValidCodePoint = false;
}
}
catch ( IllegalArgumentException e )

if ( !isValidCodePoint )
{
throw new XmlPullParserException( "character reference (with " + ( isHex ? "hex" : "decimal" )
+ " value " + sb.toString() + ") is invalid", this, null );
Expand Down Expand Up @@ -3440,10 +3414,14 @@ private void parseDocdecl()
ch = more();
if ( ch == '[' )
++bracketLevel;
if ( ch == ']' )
else if ( ch == ']' )
--bracketLevel;
if ( ch == '>' && bracketLevel == 0 )
else if ( ch == '>' && bracketLevel == 0 )
break;
else if ( ch == '&' )
{
extractEntityRef();
}
if ( normalizeIgnorableWS )
{
if ( ch == '\r' )
Expand Down Expand Up @@ -3496,6 +3474,49 @@ else if ( ch == '\n' )
posEnd = pos - 1;
}

private void extractEntityRef()
throws XmlPullParserException, IOException
{
// extractEntityRef
posEnd = pos - 1;
if ( !usePC )
{
final boolean hadCharData = posEnd > posStart;
if ( hadCharData )
{
// posEnd is already set correctly!!!
joinPC();
}
else
{
usePC = true;
pcStart = pcEnd = 0;
}
}
// assert usePC == true;

final char[] resolvedEntity = parseEntityRef();
// check if replacement text can be resolved !!!
if ( resolvedEntity == null )
{
if ( entityRefName == null )
{
entityRefName = newString( buf, posStart, posEnd - posStart );
}
throw new XmlPullParserException( "could not resolve entity named '" + printable( entityRefName )
+ "'", this, null );
}
// write into PC replacement text - do merge for replacement text!!!!
for ( char aResolvedEntity : resolvedEntity )
{
if ( pcEnd >= pc.length )
{
ensurePC( pcEnd );
}
pc[pcEnd++] = aResolvedEntity;
}
}

private void parseCDSect( boolean hadCharData )
throws XmlPullParserException, IOException
{
Expand Down

0 comments on commit b5a006b

Please sign in to comment.