Uploaded image for project: 'Ivy'
  1. Ivy
  2. IVY-635

Attempt to download a file with & in its name causes SAXParseException in Ivy

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 1.4
    • 2.0.0-beta-1
    • Core
    • None

    Description

      I've created a file with name file&_.txt and tried to download it by Ivy. I get the following exception:

      Caused by: java.text.ParseException: failed to parse report: C:\BuildAgent\work\.ivy\cache\org-bt79-default.xml: The reference to entity "_" must end with the ';' delimiter.
      at fr.jayasoft.ivy.xml.XmlReportParser.getArtifacts(XmlReportParser.java:150)
      at fr.jayasoft.ivy.xml.XmlReportParser.getArtifacts(XmlReportParser.java:141)
      at fr.jayasoft.ivy.Ivy.determineArtifactsToCopy(Ivy.java:2038)
      at fr.jayasoft.ivy.Ivy.retrieve(Ivy.java:1930)
      ... 8 more
      Caused by: org.xml.sax.SAXParseException: The reference to entity "_" must end with the ';' delimiter.
      at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
      at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
      at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
      at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
      at org.apache.xerces.impl.XMLScanner.scanAttributeValue(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanAttribute(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanStartElement(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
      at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
      at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
      at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
      at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
      at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
      at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
      at org.apache.xerces.jaxp.SAXParserImpl.parse(Unknown Source)
      at javax.xml.parsers.SAXParser.parse(SAXParser.java:311)
      at fr.jayasoft.ivy.xml.XmlReportParser$SaxXmlReportParser.parse(XmlReportParser.java:50)
      at fr.jayasoft.ivy.xml.XmlReportParser.getArtifacts(XmlReportParser.java:147)
      ... 11 more

      Deeper investigation revealed that Ivy stores incorrect xml files in its cache. In particular bug is in the method XmlModuleDescriptorWriter.write() - it does not do any XML escaping while producing XML file. Moreover it does not check that there are no characters that cannot appear in XML attributes, tags and so on.

      Attachments

        Activity

          People

            maartenc Maarten Coene
            pavel.sher Pavel Sher
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: