mrglavas    2003/11/07 13:00:28

  Modified:    java/src/org/apache/xerces/impl XML11EntityScanner.java
                        XMLEntityScanner.java
  Log:
  Fixing a couple of bugs:
  
  1) We were previously accepting strings starting with ':' as
  valid QNames. Now checking that the first character
  actually is a NCNameChar.
  
  2) In XML11EntityScanner scanQName would accept
  any NCNameChar where the NCNameStartChar was expected
  in the local part. So illegal names like, 'bad:1' were slipping
  through undetected.
  
  Revision  Changes    Path
  1.8       +10 -2     
xml-xerces/java/src/org/apache/xerces/impl/XML11EntityScanner.java
  
  Index: XML11EntityScanner.java
  ===================================================================
  RCS file: 
/home/cvs/xml-xerces/java/src/org/apache/xerces/impl/XML11EntityScanner.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- XML11EntityScanner.java   6 Nov 2003 18:57:47 -0000       1.7
  +++ XML11EntityScanner.java   7 Nov 2003 21:00:27 -0000       1.8
  @@ -59,6 +59,7 @@
   
   import java.io.IOException;
   
  +import org.apache.xerces.impl.msg.XMLMessageFormatter;
   import org.apache.xerces.util.XMLChar;
   import org.apache.xerces.util.XML11Char;
   import org.apache.xerces.util.XMLStringBuffer;
  @@ -379,7 +380,7 @@
   
           // scan qualified name
           int offset = fCurrentEntity.position;
  -        if (XML11Char.isXML11NameStart(fCurrentEntity.ch[offset])) {
  +        if (XML11Char.isXML11NCNameStart(fCurrentEntity.ch[offset])) {
               if (++fCurrentEntity.position == fCurrentEntity.count) {
                   fCurrentEntity.ch[0] = fCurrentEntity.ch[offset];
                   offset = 0;
  @@ -434,6 +435,13 @@
                       prefix = fSymbolTable.addSymbol(fCurrentEntity.ch,
                                                       offset, prefixLength);
                       int len = length - prefixLength - 1;
  +                    int startLocal = index +1;
  +                    if 
(!XML11Char.isXML11NCNameStart(fCurrentEntity.ch[startLocal])){
  +                        fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
  +                                                   "IllegalQName",
  +                                                   null,
  +                                                   
XMLErrorReporter.SEVERITY_FATAL_ERROR);
  +                    }
                       localpart = fSymbolTable.addSymbol(fCurrentEntity.ch,
                                                          index + 1, len);
   
  
  
  
  1.18      +3 -3      xml-xerces/java/src/org/apache/xerces/impl/XMLEntityScanner.java
  
  Index: XMLEntityScanner.java
  ===================================================================
  RCS file: 
/home/cvs/xml-xerces/java/src/org/apache/xerces/impl/XMLEntityScanner.java,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- XMLEntityScanner.java     6 Nov 2003 18:57:47 -0000       1.17
  +++ XMLEntityScanner.java     7 Nov 2003 21:00:27 -0000       1.18
  @@ -561,7 +561,7 @@
   
           // scan qualified name
           int offset = fCurrentEntity.position;
  -        if (XMLChar.isNameStart(fCurrentEntity.ch[offset])) {
  +        if (XMLChar.isNCNameStart(fCurrentEntity.ch[offset])) {
               if (++fCurrentEntity.position == fCurrentEntity.count) {
                   fCurrentEntity.ch[0] = fCurrentEntity.ch[offset];
                   offset = 0;
  @@ -623,7 +623,7 @@
                                                       offset, prefixLength);
                       int len = length - prefixLength - 1;
                       int startLocal = index +1;
  -                    if (!XMLChar.isNameStart(fCurrentEntity.ch[startLocal])){
  +                    if (!XMLChar.isNCNameStart(fCurrentEntity.ch[startLocal])){
                           fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
                                                    "IllegalQName",
                                                     null,
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to