Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

encoding/xml: Decoder does not handle external entities correctly #4196

Closed
gopherbot opened this Issue Oct 5, 2012 · 6 comments

Comments

Projects
None yet
2 participants
@gopherbot
Copy link

gopherbot commented Oct 5, 2012

by yogischogi:

What steps will reproduce the problem?
If possible, include a link to a program on play.golang.org.

Decode a DocBook file containing external entities
http://play.golang.org/p/-szb21L82T

What is the expected output?

Entity names with a trailing ";"


What do you see instead?

1. When Decoder.Strict = true 
   the decoder reports an error
   "Invalid character entity".

2. When Decoder.Strict = false
   in most cases, the trailing ";" is not appended.
   When the entity contains "-" the ";" is appended.


Which version are you using?  (run 'go version')

go1.0.3
@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Oct 5, 2012

Comment 1:

Labels changed: added priority-later, go1.1, removed priority-triage.

Status changed to Accepted.

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Dec 10, 2012

Comment 3:

Labels changed: added size-m.

@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Dec 10, 2012

Comment 4:

Labels changed: added suggested.

@gopherbot

This comment has been minimized.

Copy link
Author

gopherbot commented Feb 6, 2013

Comment 5 by ymotongpoo:

I'm working on this.
@rsc

This comment has been minimized.

Copy link
Contributor

rsc commented Mar 12, 2013

Comment 6:

Fixed at tip, will be in Go 1.1.
Not sure when it was fixed, but http://play.golang.org/p/-szb21L82T works for me (see
below). I agree that the sandbox at Go 1.0.3 still has the bug.
g% cat x.go
package main
import (
    "encoding/xml"
    "fmt"
    "io"
    "strings"
)
func main() {
    docBook := `<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
    "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"
    [<!ENTITY preface SYSTEM "preface.xml">
     <!ENTITY town-and-country SYSTEM "town-and-country.xml">
]>
<article>
&preface;
&town-and-country;
</article>`
    decoder := xml.NewDecoder(strings.NewReader(docBook))
    decoder.Strict = false
    for {
        token, err := decoder.Token()
        if err != nil && err != io.EOF {
            fmt.Printf("Error! Decoding XML failed: %v\n", err)
            break
        }
        if token == nil {
            break
        }
        switch element := token.(type) {
        case xml.CharData:
            fmt.Printf("%s\n", element)
        }
    }
}
g% go run x.go
&preface;
&town-and-country;
g%

Status changed to Fixed.

@gopherbot

This comment has been minimized.

Copy link
Author

gopherbot commented Mar 13, 2013

Comment 7 by yogischogi:

Looks fine. Thanks to everyone who has been working on this.

@rsc rsc added this to the Go1.1 milestone Apr 14, 2015

@rsc rsc removed the go1.1 label Apr 14, 2015

@golang golang locked and limited conversation to collaborators Jun 24, 2016

This issue was closed.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.