alhudz opened a new pull request, #1721:
URL: https://github.com/apache/commons-lang/pull/1721
`UnicodeUnescaper.translate` reads the four-character value of a `\uXXXX`
escape with `Integer.parseInt(value, 16)`, which tolerates a leading sign.
1. `\u-047` decodes to `U+FFB9` rather than being rejected, because
`parseInt("-047", 16)` returns `-71`.
2. an embedded sign such as `\u02-3` already throws
`IllegalArgumentException`, so accepting a leading sign is inconsistent.
Reject a leading `+`/`-` in the value field before parsing. The documented
`u+` notation (`\u+0047`) is unaffected.
Repro: `new UnicodeUnescaper().translate("\\u-047")`
Expected: `IllegalArgumentException`
Actual: returns the string `\uFFB9`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
