Uploaded image for project: 'XalanJ2'
  1. XalanJ2
  2. XALANJ-2271

XML 1.1 Serialization, char in attribute value not escaped

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.7.1
    • Component/s: None
    • Labels:
      None
    • Xalan info:
      PatchAvailable

      Description

      This issue was found by Henry Zongaro.

      If you try the following stylesheet, you'll see that the character x8C, which is not permitted in literal form in XML 1.1, is escaped when it appears in an element's character content, but it's not escaped when it is part of an attribute value.

      <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
      <xsl:output method="xml" version="1.1"/>
      <xsl:template match="/">
      <out att="Œ">Œ</out>
      </xsl:template>
      </xsl:stylesheet>

      When the serialized XML produced by this stylesheet is parsed by Xerces (depending perhaps on the version of Xerces) it goes into an infinite loop when it attempts to parse an attribute that contains an invalid character.

        Attachments

        1. character.expansion.patch1.txt
          37 kB
          Brian Minchau
        2. character.expansion.patch3.txt
          41 kB
          Brian Minchau

          Issue Links

            Activity

              People

              • Assignee:
                minchau@ca.ibm.com Brian Minchau
                Reporter:
                minchau@ca.ibm.com Brian Minchau
                Reviewer:
                Henry Zongaro
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: