[
https://issues.apache.org/jira/browse/AXIS2C-1395?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Russell Tempero updated AXIS2C-1395:
------------------------------------
Attachment: date_time.c.diff
Attached proposed patch to fix this issue.
> axutil_date_time_deserialize_date() allows deserialization of strings that
> contain the time
> -------------------------------------------------------------------------------------------
>
> Key: AXIS2C-1395
> URL: https://issues.apache.org/jira/browse/AXIS2C-1395
> Project: Axis2-C
> Issue Type: Bug
> Components: core/clientapi
> Affects Versions: 1.6.0
> Environment: $ uname -a
> Linux clearwater 2.6.18-8.el5 #1 SMP Thu Mar 15 19:46:53 EDT 2007 x86_64
> x86_64 x86_64 GNU/Linux
> $ gcc --version
> gcc (GCC) 4.2.2
> Copyright (C) 2007 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> Reporter: Russell Tempero
> Priority: Minor
> Fix For: 1.6.0
>
> Attachments: date_time.c.diff
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> The axutil_date_time_deserialize_date() function deserializes the date from a
> string that also contains the time and does not error. For example, the
> following string would be deserialized, even though it is actually a
> dateTime, rather than a date value.
> 2009-07-20T16:16:58Z
> According to the following specification, this behavior should not be allowed:
> http://www.w3.org/TR/xmlschema-2/#date
> I have included a proposed patch that fixes the issue. Basically, I search
> the input string for the 'T', which precedes the time portion of a dateTime
> value. If 'T' is found, the function returns with an error status. Let me
> know if there might be a better way of detecting an incorrect value in this
> case.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
