sandygao 2003/03/24 15:37:55 Modified: java/src/org/apache/xerces/impl/xpath/regex message.properties ParserForXMLSchema.java Log: Fixing bugs 16563: Parser accepts invalid regular expression. Many thanks to Khaled Noaman for the patch. Revision Changes Path 1.5 +6 -4 xml-xerces/java/src/org/apache/xerces/impl/xpath/regex/message.properties
Index: message.properties
===================================================================
RCS file: /home/cvs/xml-xerces/java/src/org/apache/xerces/impl/xpath/regex/message.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- message.properties 24 Mar 2003 23:31:04 -0000 1.4
+++ message.properties 24 Mar 2003 23:37:55 -0000 1.5
@@ -22,15 +22,17 @@
 parser.cc.5=']' is expected.
 parser.cc.6='[' is invalid in a character class. Write '\\['.
 parser.cc.7=']' is invalid in a character class. Write '\\]'.
+parser.cc.8='-' is an invalid character range. Write '\\-'.
 parser.ope.1='[' is expected.
 parser.ope.2=')' or '-[' or '+[' or '&[' is expected.
+parser.ope.3=The range end code point is less than the start code point.
 parser.descape.1=Invalid Unicode hex notation.
 parser.descape.2=Overflow in a hex notation.
 parser.descape.3='\\x{' must be closed by '}'.
 parser.descape.4=Invalid Unicode code point.
 parser.descape.5=An anchor must not be here.
 parser.process.1=This expression is not supported in the current option setting.
-+parser.quantifier.1=Invalid quantifier. A digit is expected.
-+parser.quantifier.2=Invalid quantifier. Invalid quantity or a '}' is missing.
-+parser.quantifier.3=Invalid quantifier. A digit or '}' is expected.
-+parser.quantifier.4=Invalid quantifier. A min quantity must be <= a max quantity.
+parser.quantifier.1=Invalid quantifier. A digit is expected.
+parser.quantifier.2=Invalid quantifier. Invalid quantity or a '}' is missing.
+parser.quantifier.3=Invalid quantifier. A digit or '}' is expected.
+parser.quantifier.4=Invalid quantifier. A min quantity must be <= a max quantity.
1.5 +26 -22 xml-xerces/java/src/org/apache/xerces/impl/xpath/regex/ParserForXMLSchema.java
Index: ParserForXMLSchema.java
===================================================================
RCS file: /home/cvs/xml-xerces/java/src/org/apache/xerces/impl/xpath/regex/ParserForXMLSchema.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ParserForXMLSchema.java 9 Aug 2002 15:18:17 -0000 1.4
+++ ParserForXMLSchema.java 24 Mar 2003 23:37:55 -0000 1.5
@@ -2,7 +2,7 @@
 * The Apache Software License, Version 1.1
 *
 *
- * Copyright (c) 1999-2002 The Apache Software Foundation. All rights
+ * Copyright (c) 1999-2003 The Apache Software Foundation. All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@@ -277,6 +277,7 @@
 if (type == T_CHAR) {
 if (c == '[') throw this.ex("parser.cc.6", this.offset-2);
 if (c == ']') throw this.ex("parser.cc.7", this.offset-2);
+ if (c == '-') throw this.ex("parser.cc.8", this.offset-2);
 }
 if (this.read() != T_CHAR || this.chardata != '-') { // Here is no '-'.
 tok.addRange(c, c);
@@ -285,23 +286,21 @@
 this.next(); // Skips '-'
 if ((type = this.read()) == T_EOF) throw this.ex("parser.cc.2", this.offset);
 // c '-' ']' -> '-' is a single-range.
- if (type == T_CHAR && this.chardata == ']') {
- tok.addRange(c, c);
- tok.addRange('-', '-');
- }
- // c '-' '-[' -> '-' is a single-range.
- else if (type == T_XMLSCHEMA_CC_SUBTRACTION) {
- tok.addRange(c, c);
- tok.addRange('-', '-');
+ if ((type == T_CHAR && this.chardata == ']')
+ || type == T_XMLSCHEMA_CC_SUBTRACTION) {
+ throw this.ex("parser.cc.8", this.offset-1);
 } else {
 int rangeend = this.chardata;
 if (type == T_CHAR) {
 if (rangeend == '[') throw this.ex("parser.cc.6", this.offset-1);
 if (rangeend == ']') throw this.ex("parser.cc.7", this.offset-1);
+ if (rangeend == '-') throw this.ex("parser.cc.8", this.offset-2);
 }
- if (type == T_BACKSOLIDUS)
+ else if (type == T_BACKSOLIDUS)
 rangeend = this.decodeEscaped();
 this.next();
+
+ if (c > rangeend) throw this.ex("parser.ope.3", this.offset-1);
 tok.addRange(c, rangeend);
 }
 }
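Review bot: In the `@@ -277,6 +277,7 @@` hunk the added `if (c == '-') throw this.ex("parser.cc.8", this.offset-2);` rejects an unescaped '-' in every position, including the first item of a group such as `[-a]`. As I read the XML Schema Part 2 regex rules, '-' is a valid character range at the beginning or end of a positive character group, so this may turn valid pattern facets into schema errors; the same applies to the trailing `[a-]` case that the `@@ -285,23 +286,21 @@` hunk now throws on. If the stricter behaviour is intended, a comment such as `// XML Schema: an unescaped '-' is rejected everywhere in a character class, including first and last position` would record the decision. The enclosing loop starts and ends outside the hunk, so whether the position within the group is known at this point cannot be seen from here.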
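Review bot: In the `@@ -285,23 +286,21 @@` hunk the new `if (rangeend == '-') throw this.ex("parser.cc.8", this.offset-2);` reports `this.offset-2`, while the two sibling range-end checks directly above it report `this.offset-1`, so the error position for a bad range end looks off by one; `this.offset-1` would match them. The retained comment `// c '-' ']' -> '-' is a single-range.` now sits above code that throws and should read something like `// c '-' ']' or c '-' '-[' -> a dangling '-' is rejected`. The `c > rangeend` check relies on `c` already being a decoded code point; `c` is assigned outside the hunk, so that should be confirmed against the start-of-range path.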
@@ -356,18 +355,23 @@
 case 'n': c = '\n'; break; // LINE FEED U+000A
 case 'r': c = '\r'; break; // CRRIAGE RETURN U+000D
 case 't': c = '\t'; break; // HORIZONTAL TABULATION U+0009
-
- case 'e':
- case 'f':
- case 'x':
- case 'u':
- case 'v':
- throw ex("parser.process.1", this.offset-2);
- case 'A':
- case 'Z':
- case 'z':
- throw ex("parser.descape.5", this.offset-2);
+ case '\\':
+ case '|':
+ case '.':
+ case '^':
+ case '-':
+ case '?':
+ case '*':
+ case '+':
+ case '{':
+ case '}':
+ case '(':
+ case ')':
+ case '[':
+ case ']':
+ break; // return actucal char
 default:
+ throw ex("parser.process.1", this.offset-2);
 }
 return c;
 }
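Review bot: The new `default:` branch throws `parser.process.1`, whose text is "This expression is not supported in the current option setting.", for every escape not in the list, so a schema author who writes an invalid escape gets a diagnostic about option settings rather than about the escape itself. A dedicated message key for an invalid escape (placeholder name `parser.descape.N`) would make the rejection easier to act on; the change also drops the separate `parser.descape.5` anchor message that `\A`, `\Z` and `\z` used to get. The comment on the shared `break` has a typo, and `break; // return the escaped character itself` reads better. decodeEscaped starts outside the hunk, so whether multi-character escapes are handled before this switch cannot be confirmed from here.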