Public bug reported:

According to the function Cimom::unescapeXml() in CimXml.cpp, in addition to
escaping the quote character, it should also escape the backslash character.

Without escaping backslash, if the string ends with a backslash,
the quoted text output will be ambiguous.  The backslash at the end
will be attached to the closing quote and be interpreted as an escaped
quote character.

According to,
   xml: a" --> text output: "a\"" --> interpreted as: a"
then the following will be ambiguous,
   xml: a\ --> text output: "a\" --> interpreted as: a" (with trailing garbage characters)


The function should then be fixed like this (converting "&xxx;" should also be
case-insensitive):

 string Cimom::unescapeXml(const char *m, int nq)
 {
- #define REPL(str,chrs) if(strncmp(p,str,strlen(str))==0) \
+ #define REPL(str,chrs) if(strncasecmp(p,str,strlen(str))==0) \
  { strcpy (q,(chrs)); \
    q+=strlen(chrs); \
    p+=strlen(str); }
 
   const char *quotereplace = nq ? "\\\"" : "\"";
+  const char *backslashreplace = nq ? "\\\\" : "\\";
   const char *p;
   char *q, *buf = (char *) alloca(strlen(m));
   for(p=m,q=buf; *p;)
+    // Without escaping backslash, if the string is ended with backslash,
+    // the quoted text output will be ambiguous.  The backslash at the end
+    // will be attached to the closing quote, and be interpreted as an escaped
+    // quote character, like this,
+    // * xml: a\ --> text output: "a\" --> incorrectly interpreted as: a"
+    // * xml: a" --> text output: "a\"" --> correctly interpreted as: a"
+    REPL("\\",backslashreplace) else // xml: a\ --> output: "a\\"
     if(*p!='&') { *q++ = *p++; }
       else {
       REPL(">",">")
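Review bot: the new REPL("\\",backslashreplace) branch writes two bytes for every input backslash when nq is set, but buf is still allocated as alloca(strlen(m)), so a value containing backslashes can write past the end of the stack buffer. Until now every replacement in this function was no longer than the text it replaced, so the input length was a safe bound; that no longer holds. Size the buffer for the worst case (2*strlen(m)+1) or build the result in a std::string. Separately, the comment block sits between the for header and its body, which makes the loop body easy to misread; moving it above the for would be clearer.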

** Affects: sblim-wbemcli (Ubuntu)
     Importance: Undecided
         Status: New

-- 
should escape backslash character in CimXml::unescapeXml()
https://bugs.launchpad.net/bugs/384721
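
The ambiguity described in the report, as an added example that is not part of the original report or of sblim-wbemcli. The names quote_value, read_quoted and round_trips are hypothetical, and the reader that treats backslash as an escape character is an assumed consumer of the quoted output.

```cpp
#include <iostream>
#include <string>

// Quote a decoded value for text output. escape_backslash=false escapes only
// the quote character (the reported behaviour); true also escapes backslash.
std::string quote_value(const std::string &value, bool escape_backslash) {
    std::string out = "\"";
    for (char c : value) {
        if (c == '"' || (escape_backslash && c == '\\'))
            out += '\\';
        out += c;
    }
    out += '"';
    return out;
}

// Assumed consumer: read one quoted token, where a backslash means "take the
// next character literally". Returns false if no closing quote is found.
bool read_quoted(const std::string &text, std::string &value) {
    value.clear();
    if (text.empty() || text[0] != '"')
        return false;
    for (std::size_t i = 1; i < text.size(); ++i) {
        if (text[i] == '\\' && i + 1 < text.size())
            value += text[++i];
        else if (text[i] == '"')
            return true;
        else
            value += text[i];
    }
    return false;
}

// True when a value survives quote -> read unchanged.
bool round_trips(const std::string &value, bool escape_backslash) {
    std::string back;
    return read_quoted(quote_value(value, escape_backslash), back) && back == value;
}

int main() {
    const std::string samples[] = {"a\"", "a\\", "a\\\"b"};  // constructed inputs
    for (const std::string &s : samples)
        std::cout << quote_value(s, false) << " -> " << round_trips(s, false) << "   "
                  << quote_value(s, true) << " -> " << round_trips(s, true) << "\n";
    return 0;
}
```

Building the output in a std::string also removes the need to guess a worst-case buffer size once replacements can be longer than the text they replace.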