scolebourne 2004/10/16 11:52:21 Modified: lang/src/test/org/apache/commons/lang StringEscapeUtilsTest.java lang/src/java/org/apache/commons/lang Entities.java lang RELEASE-NOTES.txt Log: Fix unescape to handle invalid entities
bug 29149, from Dan Goldberg Revision Changes Path 1.15 +6 -1 jakarta-commons/lang/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java Index: StringEscapeUtilsTest.java =================================================================== RCS file: /home/cvs/jakarta-commons/lang/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- StringEscapeUtilsTest.java 18 Feb 2004 23:06:19 -0000 1.14 +++ StringEscapeUtilsTest.java 16 Oct 2004 18:52:21 -0000 1.15 @@ -226,6 +226,11 @@ // note that the test string must be 7-bit-clean (unicode escaped) or else it will compile incorrectly // on some locales assertEquals("funny chars pass through OK", "Fran\u00E7ais", StringEscapeUtils.unescapeHtml("Fran\u00E7ais")); + + assertEquals("Hello&;World", StringEscapeUtils.unescapeHtml("Hello&;World")); + assertEquals("Hello&#;World", StringEscapeUtils.unescapeHtml("Hello&#;World")); + assertEquals("Hello&# ;World", StringEscapeUtils.unescapeHtml("Hello&# ;World")); + assertEquals("Hello&##;World", StringEscapeUtils.unescapeHtml("Hello&##;World")); } public void testUnescapeHexCharsHtml() { 1.19 +16 -6 jakarta-commons/lang/src/java/org/apache/commons/lang/Entities.java Index: Entities.java =================================================================== RCS file: /home/cvs/jakarta-commons/lang/src/java/org/apache/commons/lang/Entities.java,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- Entities.java 1 Sep 2004 18:00:01 -0000 1.18 +++ Entities.java 16 Oct 2004 18:52:21 -0000 1.19 @@ -648,12 +648,22 @@ } String entityName = str.substring(i + 1, semi); int entityValue; - if (entityName.charAt(0) == '#') { - char charAt1 = entityName.charAt(1); - if (charAt1 == 'x' || charAt1=='X') { - entityValue = Integer.valueOf(entityName.substring(2), 16).intValue(); + if (entityName.length() == 0) { + entityValue = -1; + } else if (entityName.charAt(0) == '#') { + if (entityName.length() == 1) { + entityValue = -1; } else { - entityValue = Integer.parseInt(entityName.substring(1)); + char charAt1 = entityName.charAt(1); + try { + if (charAt1 == 'x' || charAt1=='X') { + entityValue = Integer.valueOf(entityName.substring(2), 16).intValue(); + } else { + entityValue = Integer.parseInt(entityName.substring(1)); + } + } catch (NumberFormatException ex) { + entityValue = -1; + } } } else { entityValue = this.entityValue(entityName); 1.32 +3 -1 jakarta-commons/lang/RELEASE-NOTES.txt Index: RELEASE-NOTES.txt =================================================================== RCS file: /home/cvs/jakarta-commons/lang/RELEASE-NOTES.txt,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- RELEASE-NOTES.txt 16 Oct 2004 17:47:48 -0000 1.31 +++ RELEASE-NOTES.txt 16 Oct 2004 18:52:21 -0000 1.32 @@ -107,6 +107,7 @@ 28468 StringUtils.defaultString: Documentation error 28554 Add hashCode-support to class ObjectUtils 29082 Enhancement of ExceptionUtils.CAUSE_METHOD_NAMES +29149 StringEscapeUtils.unescapeHtml() doesn't handle an empty entity 29294 lang.math.Fraction class deficiencies 29673 ExceptionUtils: new getCause() methodname (for tomcat) 29794 Add convenience format(long) methods to FastDateForma @@ -117,3 +118,4 @@ 31395 DateUtils.truncate oddity at the far end of the Date spectrum 31478 Compile error with JDK 5 "enum" is a keyword 31572 o.a.c.lang.enum.ValuedEnum: 'enum'is a keyword in JDK1.5.0 + --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]