I noticed this snippet of code:
log.DebugFormat("Hello {0}{1", "<World");
is correctly caught as containing an invalid format string. This is
part of the error message:
<log4net.Error>Exception during StringFormat: Input string was not in a
correct format. <format>Hello
{0}{1</format><args>{<World}</args></log4net.Error>
Notice the unclosed greater than sign before World. Shouldn't we be
encoding (or CDATAing) certain XML characters when we generate XML
messages? I couldn't find anything saying error messages will rednered
as XML.
log4net.ObjectRenderer.RendererMap.FindAndRender and
log4net.Util.SystemStringFormat.StringFormatError both generate those
style messages.
