axutil_date_time_deserialize_date() allows deserialization of strings that
contain the time
-------------------------------------------------------------------------------------------
Key: AXIS2C-1395
URL: https://issues.apache.org/jira/browse/AXIS2C-1395
Project: Axis2-C
Issue Type: Bug
Components: core/clientapi
Affects Versions: 1.6.0
Environment: $ uname -a
Linux clearwater 2.6.18-8.el5 #1 SMP Thu Mar 15 19:46:53 EDT 2007 x86_64 x86_64
x86_64 GNU/Linux
$ gcc --version
gcc (GCC) 4.2.2
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Reporter: Russell Tempero
Priority: Minor
Fix For: 1.6.0
Attachments: date_time.c.diff
The axutil_date_time_deserialize_date() function deserializes the date from a
string that also contains the time and does not error. For example, the
following string would be deserialized, even though it is actually a dateTime,
rather than a date value.
2009-07-20T16:16:58Z
According to the following specification, this behavior should not be allowed:
http://www.w3.org/TR/xmlschema-2/#date
I have included a proposed patch that fixes the issue. Basically, I search the
input string for the 'T', which precedes the time portion of a dateTime value.
If 'T' is found, the function returns with an error status. Let me know if
there might be a better way of detecting an incorrect value in this case.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
