Bug 326702 - String replacer filter, does not escape match and subst patterns before store into xml configuration file
Summary: String replacer filter, does not escape match and subst patterns before store...
Status: RESOLVED FIXED
Alias: None
Product: jovie
Classification: Unmaintained
Component: General (show other bugs)
Version: unspecified
Platform: unspecified Linux
: NOR normal
Target Milestone: ---
Assignee: Jeremy Whiting
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-10-26 19:29 UTC by Levy, Chen
Modified: 2013-11-17 21:11 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In: 4.11.3
Sentry Crash Report:


Attachments
fix the bug (6.45 KB, patch)
2013-10-26 19:35 UTC, Levy, Chen
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Levy, Chen 2013-10-26 19:29:08 UTC
When adding a word or regex patterns as match (search) or subst (replace) it is stored as-is in an XML configuration file as CDATA. However there is an illegal sequence that can be a valid pattern, and if not escaped will result in an in-valid XML file: "]]>", and the framework does not escape this sequence automatically.

We thus need to escape the patterns manually before storing them into the config file, and unescape them when reading from that file.


Reproducible: Always

Steps to Reproduce:
1. create a string replacer filter.
2. add a pattern that has "]]>" in it.
3. Observer the resulting xml file.
Actual Results:  
The xml configuration file is corrupted, and the filter can not be reloaded.

Expected Results:  
Such a sequence should be escaped to be "]]>", and the pattern should be reloaded when reopening this filter dialog.
Comment 1 Levy, Chen 2013-10-26 19:35:41 UTC
Created attachment 83135 [details]
fix the bug

I was able to build and run the unit-test on this bug, but not to create an environment to test the result binaries.
Comment 2 Jeremy Whiting 2013-10-29 22:18:15 UTC
Git commit 1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07 by Jeremy Whiting.
Committed on 29/10/2013 at 22:12.
Pushed by whiting into branch 'master'.

Escape cdata sections in string replacer xml export and unescape on import.
Thanks to Chen Levy <kde@chenlevy.com> for the bug report and patch.
FIXED-IN:4.11.3

M  +5    -0    CMakeLists.txt
M  +15   -1    filters/stringreplacer/CMakeLists.txt
A  +19   -0    filters/stringreplacer/cdataescaper.cpp     [License: UNKNOWN]  *
A  +9    -0    filters/stringreplacer/cdataescaper.h     [License: UNKNOWN]  *
M  +19   -4    filters/stringreplacer/stringreplacerconf.cpp
M  +12   -3    filters/stringreplacer/stringreplacerproc.cpp
A  +35   -0    filters/stringreplacer/testcdataescaper.cpp     [License: UNKNOWN]  *
A  +16   -0    filters/stringreplacer/testcdataescaper.h     [License: UNKNOWN]  *

The files marked with a * at the end have a non valid license. Please read: http://techbase.kde.org/Policies/Licensing_Policy and use the headers which are listed at that page.


http://commits.kde.org/jovie/1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07
Comment 3 Jeremy Whiting 2013-10-29 22:18:45 UTC
Git commit 05a23fa386a8a3fee1e11385dff84da88ee3bbe8 by Jeremy Whiting.
Committed on 29/10/2013 at 22:12.
Pushed by whiting into branch 'KDE/4.11'.

Escape cdata sections in string replacer xml export and unescape on import.
Thanks to Chen Levy <kde@chenlevy.com> for the bug report and patch.
FIXED-IN:4.11.3

(cherry picked from commit 1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07)

M  +5    -0    CMakeLists.txt
M  +15   -1    filters/stringreplacer/CMakeLists.txt
A  +19   -0    filters/stringreplacer/cdataescaper.cpp     [License: UNKNOWN]  *
A  +9    -0    filters/stringreplacer/cdataescaper.h     [License: UNKNOWN]  *
M  +19   -4    filters/stringreplacer/stringreplacerconf.cpp
M  +12   -3    filters/stringreplacer/stringreplacerproc.cpp
A  +35   -0    filters/stringreplacer/testcdataescaper.cpp     [License: UNKNOWN]  *
A  +16   -0    filters/stringreplacer/testcdataescaper.h     [License: UNKNOWN]  *

The files marked with a * at the end have a non valid license. Please read: http://techbase.kde.org/Policies/Licensing_Policy and use the headers which are listed at that page.


http://commits.kde.org/jovie/05a23fa386a8a3fee1e11385dff84da88ee3bbe8
Comment 4 Christoph Feck 2013-11-17 21:11:40 UTC
Jeremy, please add proper license headers.