avandeursen opened a new pull request #696: URL: https://github.com/apache/logging-log4j2/pull/696
I noticed that the central `substitute` method in the `StrSubstitutor` class that was involved in a recent CVE had some code not covered by (unit) tests. This untested logic related to cases where substitution in variables was disabled, and when no value escape delimiter (like `:\-`) was set. I also noted some nice examples in the javadoc of `StrSubstitutor` that could be instructive test cases, and which indeed could cover some of the untested logic. Therefore, this pull request: - adds test cases for all examples listed in the `StrSubstitutor` javadoc - applies small fixes to the javadoc - adds test cases for value escape separator `:\\-` with and without a matcher for such escaped separators - results in full statement coverage of the `substitute` method - improves the branch coverage of the `substitute` method - improves the test coverage of some helper methods. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
