GNU bug report logs -
#38269
SSAX incorrect handling of > in CDATA
Previous Next
To reply to this bug, email your comments to 38269 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guile <at> gnu.org:
bug#38269; Package
guile.
(Tue, 19 Nov 2019 14:50:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Andrew Gierth <andrew <at> tao11.riddles.org.uk>:
New bug report received and forwarded. Copy sent to
bug-guile <at> gnu.org.
(Tue, 19 Nov 2019 14:50:01 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
The bug:
> (xml->sxml "<e><![CDATA[>]]></e>")
$2 = (*TOP* (e ">"))
The expected result is (*TOP* (e ">")).
In upstream/SSAX.scm:
; procedure+: ssax:read-cdata-body PORT STR-HANDLER SEED
[...]
; Within a CDATA section all characters are taken at their face value,
; with only three exceptions:
[..]
; > is treated as an embedded #\> character
This handling of > is contrary to the XML specification, in which
there are no special character sequences inside CDATA except newline and
the "]]>" closing tag. I have confirmed this by checking other XML
parsers. The code seems to be based on a wild misreading of another
section of the specification that does not apply here. (And
unfortunately, the W3C validation suite for XML happens not to contain
any instances of > inside CDATA.)
I believe the fix should be as simple as removing the entire (#\&) case
from the function (and fixing the test cases).
This bug seems to exist in all versions of SSAX.
--
Andrew.
This bug report was last modified 5 years and 207 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.