https://issues.apache.org/bugzilla/show_bug.cgi?id=44984
Summary: if base64 is used after xpath expression it should
extract only text nodes
Product: Security
Version: cvs
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: C++ Signature
AssignedTo: security-dev@xml.apache.org
ReportedBy: [EMAIL PROTECTED]
DSIGTransformBase64.cpp function appendTransformer does not extract text()
nodes if input is xpath transformation
if (input->getLastTxfm()->getNodeType() != TXFMBase::DOM_NODE_XPATH_NODESET)
then it adds self::text() xpath transformation.
However even if input is already xpath_nodeset it should have self::text()
transformation applied.
from standard:
This transform requires an octet stream for input. If an XPath node-set (or
sufficiently functional alternative) is given as input, then it is converted to
an octet stream by performing operations logically equivalent to 1) applying an
XPath transform with expression self::text(), then 2) taking the string-value
of the node-set. Thus, if an XML element is identified by a barename XPointer
in the Reference URI, and its content consists solely of base64 encoded
character data, then this transform automatically strips away the start and end
tags of the identified element and any of its descendant elements as well as
any descendant comments and processing instructions. The output of this
transform is an octet stream.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
