Uploaded image for project: 'XalanJ2'
  1. XalanJ2
  2. XALANJ-2271

XML 1.1 Serialization, char in attribute value not escaped

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 2.7.1
    • None
    • None
    • PatchAvailable

    Description

      This issue was found by Henry Zongaro.

      If you try the following stylesheet, you'll see that the character x8C, which is not permitted in literal form in XML 1.1, is escaped when it appears in an element's character content, but it's not escaped when it is part of an attribute value.

      <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
      <xsl:output method="xml" version="1.1"/>
      <xsl:template match="/">
      <out att="Œ">Œ</out>
      </xsl:template>
      </xsl:stylesheet>

      When the serialized XML produced by this stylesheet is parsed by Xerces (depending perhaps on the version of Xerces) it goes into an infinite loop when it attempts to parse an attribute that contains an invalid character.

      Attachments

        1. character.expansion.patch1.txt
          37 kB
          Brian Minchau
        2. character.expansion.patch3.txt
          41 kB
          Brian Minchau

        Issue Links

          Activity

            People

              minchau@ca.ibm.com Brian Minchau
              minchau@ca.ibm.com Brian Minchau
              Henry Zongaro Henry Zongaro
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: