scolebourne 2004/10/16 11:52:21
Modified: lang/src/test/org/apache/commons/lang
StringEscapeUtilsTest.java
lang/src/java/org/apache/commons/lang Entities.java
lang RELEASE-NOTES.txt
Log:
Fix unescape to handle invalid entities
bug 29149, from Dan Goldberg
Revision Changes Path
1.15 +6 -1
jakarta-commons/lang/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java
Index: StringEscapeUtilsTest.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/lang/src/test/org/apache/commons/lang/StringEscapeUtilsTest.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- StringEscapeUtilsTest.java 18 Feb 2004 23:06:19 -0000 1.14
+++ StringEscapeUtilsTest.java 16 Oct 2004 18:52:21 -0000 1.15
@@ -226,6 +226,11 @@
// note that the test string must be 7-bit-clean (unicode escaped) or else
it will compile incorrectly
// on some locales
assertEquals("funny chars pass through OK", "Fran\u00E7ais",
StringEscapeUtils.unescapeHtml("Fran\u00E7ais"));
+
+ assertEquals("Hello&;World",
StringEscapeUtils.unescapeHtml("Hello&;World"));
+ assertEquals("Hello&#;World",
StringEscapeUtils.unescapeHtml("Hello&#;World"));
+ assertEquals("Hello&# ;World", StringEscapeUtils.unescapeHtml("Hello&#
;World"));
+ assertEquals("Hello&##;World",
StringEscapeUtils.unescapeHtml("Hello&##;World"));
}
public void testUnescapeHexCharsHtml() {
1.19 +16 -6
jakarta-commons/lang/src/java/org/apache/commons/lang/Entities.java
Index: Entities.java
===================================================================
RCS file:
/home/cvs/jakarta-commons/lang/src/java/org/apache/commons/lang/Entities.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- Entities.java 1 Sep 2004 18:00:01 -0000 1.18
+++ Entities.java 16 Oct 2004 18:52:21 -0000 1.19
@@ -648,12 +648,22 @@
}
String entityName = str.substring(i + 1, semi);
int entityValue;
- if (entityName.charAt(0) == '#') {
- char charAt1 = entityName.charAt(1);
- if (charAt1 == 'x' || charAt1=='X') {
- entityValue = Integer.valueOf(entityName.substring(2),
16).intValue();
+ if (entityName.length() == 0) {
+ entityValue = -1;
+ } else if (entityName.charAt(0) == '#') {
+ if (entityName.length() == 1) {
+ entityValue = -1;
} else {
- entityValue = Integer.parseInt(entityName.substring(1));
+ char charAt1 = entityName.charAt(1);
+ try {
+ if (charAt1 == 'x' || charAt1=='X') {
+ entityValue =
Integer.valueOf(entityName.substring(2), 16).intValue();
+ } else {
+ entityValue =
Integer.parseInt(entityName.substring(1));
+ }
+ } catch (NumberFormatException ex) {
+ entityValue = -1;
+ }
}
} else {
entityValue = this.entityValue(entityName);
1.32 +3 -1 jakarta-commons/lang/RELEASE-NOTES.txt
Index: RELEASE-NOTES.txt
===================================================================
RCS file: /home/cvs/jakarta-commons/lang/RELEASE-NOTES.txt,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- RELEASE-NOTES.txt 16 Oct 2004 17:47:48 -0000 1.31
+++ RELEASE-NOTES.txt 16 Oct 2004 18:52:21 -0000 1.32
@@ -107,6 +107,7 @@
28468 StringUtils.defaultString: Documentation error
28554 Add hashCode-support to class ObjectUtils
29082 Enhancement of ExceptionUtils.CAUSE_METHOD_NAMES
+29149 StringEscapeUtils.unescapeHtml() doesn't handle an empty entity
29294 lang.math.Fraction class deficiencies
29673 ExceptionUtils: new getCause() methodname (for tomcat)
29794 Add convenience format(long) methods to FastDateForma
@@ -117,3 +118,4 @@
31395 DateUtils.truncate oddity at the far end of the Date spectrum
31478 Compile error with JDK 5 "enum" is a keyword
31572 o.a.c.lang.enum.ValuedEnum: 'enum'is a keyword in JDK1.5.0
+
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
