camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dmitry Zolotukhin <zlo...@gmail.com>
Subject Incorrect string replacement order in Camel SNMP?
Date Fri, 02 Oct 2015 21:31:28 GMT
Hi,

In Camel SNMP, the org.apache.camel.component.snmp.SnmpConverters class has a static “getXmlSafeString”
method which escapes unsafe characters by replacing them. However, the order of applying replacements
is not correct:

    private static String getXmlSafeString(String string) {
        return string.replaceAll("<", "&lt;").replaceAll(">", "&gt;").replaceAll("&",
"&amp;").replaceAll("\"", "&quot;").replaceAll("'", "&apos;");
    }

It replaces “<” with “&lt;” at first, then the “&” is replaced with
“&amp;”. This means that a “<” character in the input string will be changed
to “&lt;”, and then into “&amp;lt;”, which is not the intended behavior.

This could be fixed by applying the “replaceAll("&", "&amp;")” transformation
first.



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message