Apache
/
commons-lang
mirror of https://github.com/apache/commons-lang.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix unescape to handle invalid entities 

bug 29149, from Dan Goldberg


git-svn-id: https://svn.apache.org/repos/asf/jakarta/commons/proper/lang/trunk@137988 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Stephen Colebourne 2004-10-16 18:52:21 +00:00
parent d728e81d69
commit e08b9b890f
3 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
RELEASE-NOTES.txt
View File

@ -1,4 +1,4 @@
$Id: RELEASE-NOTES.txt,v 1.31 2004/10/16 17:47:48 scolebourne Exp $
$Id: RELEASE-NOTES.txt,v 1.32 2004/10/16 18:52:21 scolebourne Exp $
Commons Lang Package
Version 2.1
@ -107,6 +107,7 @@ BUG FIXES:
28468 StringUtils.defaultString: Documentation error
28554 Add hashCode-support to class ObjectUtils
29082 Enhancement of ExceptionUtils.CAUSE_METHOD_NAMES
29149 StringEscapeUtils.unescapeHtml() doesn't handle an empty entity
29294 lang.math.Fraction class deficiencies
29673 ExceptionUtils: new getCause() methodname (for tomcat)
29794 Add convenience format(long) methods to FastDateForma
@ -117,3 +118,4 @@ BUG FIXES:
31395 DateUtils.truncate oddity at the far end of the Date spectrum
31478 Compile error with JDK 5 "enum" is a keyword
31572 o.a.c.lang.enum.ValuedEnum: 'enum'is a keyword in JDK1.5.0

22
src/java/org/apache/commons/lang/Entities.java
View File

@ -31,7 +31,7 @@ import java.util.TreeMap;
* @author <a href="mailto:alex@purpletech.com">Alexander Day Chaffee</a>
* @author <a href="mailto:ggregory@seagullsw.com">Gary Gregory</a>
* @since 2.0
* @version $Id: Entities.java,v 1.18 2004/09/01 18:00:01 ggregory Exp $
* @version $Id: Entities.java,v 1.19 2004/10/16 18:52:21 scolebourne Exp $
*/
class Entities {
@ -648,12 +648,22 @@ class Entities {
}
String entityName = str.substring(i + 1, semi);
int entityValue;
if (entityName.charAt(0) == '#') {
char charAt1 = entityName.charAt(1);
if (charAt1 == 'x' || charAt1=='X') {
entityValue = Integer.valueOf(entityName.substring(2), 16).intValue();
if (entityName.length() == 0) {
entityValue = -1;
} else if (entityName.charAt(0) == '#') {
if (entityName.length() == 1) {
entityValue = -1;
} else {
entityValue = Integer.parseInt(entityName.substring(1));
char charAt1 = entityName.charAt(1);
try {
if (charAt1 == 'x' || charAt1=='X') {
entityValue = Integer.valueOf(entityName.substring(2), 16).intValue();
} else {
entityValue = Integer.parseInt(entityName.substring(1));
}
} catch (NumberFormatException ex) {
entityValue = -1;
}
}
} else {
entityValue = this.entityValue(entityName);

7
src/test/org/apache/commons/lang/StringEscapeUtilsTest.java
View File

@ -29,7 +29,7 @@ import junit.textui.TestRunner;
*
* @author of original StringUtilsTest.testEscape = ?
* @author <a href="mailto:alex@purpletech.com">Alexander Day Chaffee</a>
* @version $Id: StringEscapeUtilsTest.java,v 1.14 2004/02/18 23:06:19 ggregory Exp $
* @version $Id: StringEscapeUtilsTest.java,v 1.15 2004/10/16 18:52:21 scolebourne Exp $
*/
public class StringEscapeUtilsTest extends TestCase {
private final static String FOO = "foo";
@ -226,6 +226,11 @@ public class StringEscapeUtilsTest extends TestCase {
// note that the test string must be 7-bit-clean (unicode escaped) or else it will compile incorrectly
// on some locales
assertEquals("funny chars pass through OK", "Fran\u00E7ais", StringEscapeUtils.unescapeHtml("Fran\u00E7ais"));
assertEquals("Hello&;World", StringEscapeUtils.unescapeHtml("Hello&;World"));
assertEquals("Hello&#;World", StringEscapeUtils.unescapeHtml("Hello&#;World"));
assertEquals("Hello&# ;World", StringEscapeUtils.unescapeHtml("Hello&# ;World"));
assertEquals("Hello&##;World", StringEscapeUtils.unescapeHtml("Hello&##;World"));
}
public void testUnescapeHexCharsHtml() {