Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

encoding/xml: isInCharacterRange checks for the wrong range #25172

artyom opened this Issue Apr 29, 2018 · 2 comments


None yet
3 participants
Copy link

artyom commented Apr 29, 2018

Function isInCharacterRange supposedly checks that rune is inside the range(s) allowed by Section 2.2 of the referenced spec, but if has typo defining (sub)range boundary, having 0xDF77 instead of 0xD7FF.


Lines 1136 to 1146 in af5143e

// Decide whether the given rune is in the XML Character Range, per
// the Char production of,
// Section 2.2 Characters.
func isInCharacterRange(r rune) (inrange bool) {
return r == 0x09 ||
r == 0x0A ||
r == 0x0D ||
r >= 0x20 && r <= 0xDF77 ||
r >= 0xE000 && r <= 0xFFFD ||
r >= 0x10000 && r <= 0x10FFFF


Char | ::= | #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]

This bug was masked because this function always gets its input from the call to utf8.DecodeRune that fails on surrogate range 0xd800-0xdfff.


This comment has been minimized.

Copy link

gopherbot commented Apr 29, 2018

Change mentions this issue: encoding/xml: fix valid character range

@ALTree ALTree added the NeedsFix label Apr 30, 2018

@ALTree ALTree added this to the Go1.11 milestone Apr 30, 2018


This comment has been minimized.

Copy link
Contributor Author

artyom commented May 9, 2018

Who should be the right person to ping regarding pending codereview?

@gopherbot gopherbot closed this in 4410934 May 9, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.