[
https://issues.apache.org/jira/browse/NIFI-8478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17334965#comment-17334965
]
Paul Grey commented on NIFI-8478:
---------------------------------
Thanks [~juldrixx] for raising this issue.
There was one other problem in the project (in addition to the two you pointed
out), at least when using the FR locale. These should be addressed by an
upcoming PR. I've also looked into the github CI. It should give us coverage
to prevent future regressions.
> Unable to build the project
> (XmlUtilsTest.testShouldHandleXXEInDocumentBuilder:97 assert msg =~
> "SAXParseException.* DOCTYPE is disallowed when the feature")
> -------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-8478
> URL: https://issues.apache.org/jira/browse/NIFI-8478
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.13.2
> Environment: $ java -version
> openjdk version "11.0.11" 2021-04-20 LTS
> OpenJDK Runtime Environment Zulu11.48+21-CA (build 11.0.11+9-LTS)
> OpenJDK 64-Bit Server VM Zulu11.48+21-CA (build 11.0.11+9-LTS, mixed mode)
> $ mvn -version
> Apache Maven 3.6.3
> Maven home: /usr/share/maven
> Java version: 11.0.11, vendor: Azul Systems, Inc., runtime:
> /usr/lib/jvm/zulu11-ca-amd64
> Default locale: fr_FR, platform encoding: UTF-8
> OS name: "linux", version: "5.8.0-50-generic", arch: "amd64", family: "unix"
> $ git status
> Sur la branche main
> Votre branche est à jour avec 'origin/main'.
> rien à valider, la copie de travail est propre
> Reporter: Julien G.
> Assignee: Paul Grey
> Priority: Blocker
>
> Unable to build the projet with the command:
> {noformat}
> mvn clean install{noformat}
> I got the error:
> {code:java}
> [INFO] --- maven-surefire-plugin:2.22.2:test (default-test) @
> nifi-security-utils ---
> [INFO] Surefire report directory:
> /home/juldrixx/Documents/tmp/nifi/nifi-commons/nifi-security-utils/target/surefire-reports
> [INFO] Using configured provider
> org.apache.maven.surefire.junit4.JUnit4Provider
> [INFO]
> [INFO] -------------------------------------------------------
> [INFO] T E S T S
> [INFO] -------------------------------------------------------
> [INFO] Running org.apache.nifi.security.XXEValidatorTest
> [INFO] Tests run: 6, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.4 s
> - in org.apache.nifi.security.XXEValidatorTest
> [INFO] Running org.apache.nifi.security.xml.XmlUtilsTest
> [ERROR] Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 0.347
> s <<< FAILURE! - in org.apache.nifi.security.xml.XmlUtilsTest
> [ERROR]
> testShouldHandleXXEInDocumentBuilder(org.apache.nifi.security.xml.XmlUtilsTest)
> Time elapsed: 0.017 s <<< FAILURE!
> org.codehaus.groovy.runtime.powerassert.PowerAssertionError:
> assert msg =~ "SAXParseException.* DOCTYPE is disallowed when the feature"
> | |
> | java.util.regex.Matcher[pattern=SAXParseException.* DOCTYPE is
> disallowed when the feature region=0,314 lastmatch=]
> org.xml.sax.SAXParseException; systemId:
> file:/home/juldrixx/Documents/tmp/nifi/nifi-commons/nifi-security-utils/src/test/resources/local_xxe_file.xml;
> lineNumber: 1; columnNumber: 65; DOCTYPE n'est pas autorisé lorsque la
> fonctionnalité "http://apache.org/xml/features/disallow-doctype-decl"; est
> définie sur True.
> at
> org.apache.nifi.security.xml.XmlUtilsTest.testShouldHandleXXEInDocumentBuilder(XmlUtilsTest.groovy:97)
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
