walkero
/
cppcheck
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

#6431 Invalid XML created - Invalid encoding of string literal. Partial fix: ensure the short message string is also processed to avoid problems with non-terminated string.

This commit is contained in:
Alexander Mai 2015-06-18 21:16:25 +02:00
parent 60f5bd97df
commit 712919a691
2 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/errorlogger.cpp
View File

@ -235,7 +235,13 @@ std::string ErrorLogger::ErrorMessage::fixInvalidChars(const std::string& raw)
} else {
std::ostringstream es;
// straight cast to (unsigned) doesn't work out.
es << '\\' << std::setbase(8) << std::setw(3) << std::setfill('0') << (unsigned)(unsigned char)*from;
const unsigned uFrom = (unsigned)(unsigned char)*from;
#if 0
if (uFrom<0x20)
es << "\\XXX";
else
#endif
es << '\\' << std::setbase(8) << std::setw(3) << std::setfill('0') << uFrom;
result += es.str();
}
++from;
@ -270,7 +276,7 @@ std::string ErrorLogger::ErrorMessage::toXML(bool verbose, int version) const
printer.OpenElement("error", false);
printer.PushAttribute("id", _id.c_str());
printer.PushAttribute("severity", Severity::toString(_severity).c_str());
printer.PushAttribute("msg", _shortMessage.c_str());
printer.PushAttribute("msg", fixInvalidChars(_shortMessage).c_str());
printer.PushAttribute("verbose", fixInvalidChars(_verboseMessage).c_str());
if (_cwe)
printer.PushAttribute("cwe", _cwe);

19
test/testerrorlogger.cpp
View File

@ -220,10 +220,21 @@ private:
}
void ToXmlV2Encoding() const {
std::list<ErrorLogger::ErrorMessage::FileLocation> locs;
ErrorMessage msg(locs, Severity::error, "Programming error.\nComparing \"\203\" with \"\003\"", "errorId", false);
const std::string message(" <error id=\"errorId\" severity=\"error\" msg=\"Programming error.\" verbose=\"Comparing &quot;\\203&quot; with &quot;\\003&quot;\"/>");
ASSERT_EQUALS(message, msg.toXML(false, 2));
{
std::list<ErrorLogger::ErrorMessage::FileLocation> locs;
ErrorMessage msg(locs, Severity::error, "Programming error.\nComparing \"\203\" with \"\003\"", "errorId", false);
const std::string message(" <error id=\"errorId\" severity=\"error\" msg=\"Programming error.\" verbose=\"Comparing &quot;\\203&quot; with &quot;\\003&quot;\"/>");
ASSERT_EQUALS(message, msg.toXML(false, 2));
}
{
const char code1[]="äöü";
const char code2[]="\x12\x00\x00\x01";
std::list<ErrorLogger::ErrorMessage::FileLocation> locs;
ErrorMessage msg1(locs, Severity::error, std::string("Programming error.\nReading \"")+code1+"\"", "errorId", false);
ASSERT_EQUALS(" <error id=\"errorId\" severity=\"error\" msg=\"Programming error.\" verbose=\"Reading &quot;\\303\\244\\303\\266\\303\\274&quot;\"/>", msg1.toXML(false, 2));
ErrorMessage msg2(locs, Severity::error, std::string("Programming error.\nReading \"")+code2+"\"", "errorId", false);
ASSERT_EQUALS(" <error id=\"errorId\" severity=\"error\" msg=\"Programming error.\" verbose=\"Reading &quot;\\022&quot;\"/>", msg2.toXML(false, 2));
}
}
void InconclusiveXml() const {