Bug 326702

Summary: String replacer filter, does not escape match and subst patterns before store into xml configuration file
Product: [Unmaintained] jovie Reporter: Levy, Chen <kde>
Component: GeneralAssignee: Jeremy Whiting <jpwhiting>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: unspecified   
OS: Linux   
Latest Commit: http://commits.kde.org/jovie/05a23fa386a8a3fee1e11385dff84da88ee3bbe8 Version Fixed In: 4.11.3
Sentry Crash Report:
Attachments: fix the bug

Description Levy, Chen 2013-10-26 19:29:08 UTC 
When adding a word or regex patterns as match (search) or subst (replace) it is stored as-is in an XML configuration file as CDATA. However there is an illegal sequence that can be a valid pattern, and if not escaped will result in an in-valid XML file: "]]>", and the framework does not escape this sequence automatically.

We thus need to escape the patterns manually before storing them into the config file, and unescape them when reading from that file.


Reproducible: Always

Steps to Reproduce:
1. create a string replacer filter.
2. add a pattern that has "]]>" in it.
3. Observer the resulting xml file.
Actual Results:  
The xml configuration file is corrupted, and the filter can not be reloaded.

Expected Results:  
Such a sequence should be escaped to be "]]&gt;", and the pattern should be reloaded when reopening this filter dialog.
Comment 1 Levy, Chen 2013-10-26 19:35:41 UTC 
Created attachment 83135 [details]
fix the bug

I was able to build and run the unit-test on this bug, but not to create an environment to test the result binaries.
Comment 2 Jeremy Whiting 2013-10-29 22:18:15 UTC 
Git commit 1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07 by Jeremy Whiting.
Committed on 29/10/2013 at 22:12.
Pushed by whiting into branch 'master'.

Escape cdata sections in string replacer xml export and unescape on import.
Thanks to Chen Levy <kde@chenlevy.com> for the bug report and patch.
FIXED-IN:4.11.3

M  +5    -0    CMakeLists.txt
M  +15   -1    filters/stringreplacer/CMakeLists.txt
A  +19   -0    filters/stringreplacer/cdataescaper.cpp     [License: UNKNOWN]  *
A  +9    -0    filters/stringreplacer/cdataescaper.h     [License: UNKNOWN]  *
M  +19   -4    filters/stringreplacer/stringreplacerconf.cpp
M  +12   -3    filters/stringreplacer/stringreplacerproc.cpp
A  +35   -0    filters/stringreplacer/testcdataescaper.cpp     [License: UNKNOWN]  *
A  +16   -0    filters/stringreplacer/testcdataescaper.h     [License: UNKNOWN]  *

The files marked with a * at the end have a non valid license. Please read: http://techbase.kde.org/Policies/Licensing_Policy and use the headers which are listed at that page.


http://commits.kde.org/jovie/1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07
Comment 3 Jeremy Whiting 2013-10-29 22:18:45 UTC 
Git commit 05a23fa386a8a3fee1e11385dff84da88ee3bbe8 by Jeremy Whiting.
Committed on 29/10/2013 at 22:12.
Pushed by whiting into branch 'KDE/4.11'.

Escape cdata sections in string replacer xml export and unescape on import.
Thanks to Chen Levy <kde@chenlevy.com> for the bug report and patch.
FIXED-IN:4.11.3

(cherry picked from commit 1bcbb7c8ed42095e53b9e7a55e4e4a2ed9c82f07)

M  +5    -0    CMakeLists.txt
M  +15   -1    filters/stringreplacer/CMakeLists.txt
A  +19   -0    filters/stringreplacer/cdataescaper.cpp     [License: UNKNOWN]  *
A  +9    -0    filters/stringreplacer/cdataescaper.h     [License: UNKNOWN]  *
M  +19   -4    filters/stringreplacer/stringreplacerconf.cpp
M  +12   -3    filters/stringreplacer/stringreplacerproc.cpp
A  +35   -0    filters/stringreplacer/testcdataescaper.cpp     [License: UNKNOWN]  *
A  +16   -0    filters/stringreplacer/testcdataescaper.h     [License: UNKNOWN]  *

The files marked with a * at the end have a non valid license. Please read: http://techbase.kde.org/Policies/Licensing_Policy and use the headers which are listed at that page.


http://commits.kde.org/jovie/05a23fa386a8a3fee1e11385dff84da88ee3bbe8
Comment 4 Christoph Feck 2013-11-17 21:11:40 UTC 
Jeremy, please add proper license headers.