Skip to content

Commit 946158b

Browse files
xeno6696xeno6696
committed
Issue ESAPI#300 -- We need to get more data driven unit tests, but this issue is now completely whacked!
1 parent 914edd7 commit 946158b

6 files changed

Lines changed: 34 additions & 13 deletions

File tree

src/main/java/org/owasp/esapi/codecs/HTMLEntityCodec.java

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -286,9 +286,12 @@ private Integer getNamedEntity( PushbackSequence<Integer> input ) {
286286

287287
// kludge around PushbackString....
288288
len = Math.min(input.remainder().length(), entityToCharacterTrie.getMaxKeyLength());
289-
for(int i=0;i<len;i++)
290-
possible.append(input.next());
291-
289+
for(int i=0;i<len;i++){
290+
Integer next = input.next();
291+
if(null != next){
292+
possible.appendCodePoint(next);
293+
}
294+
}
292295
// look up the longest match
293296
entry = entityToCharacterTrie.getLongestMatch(possible);
294297
if(entry == null) {

src/main/java/org/owasp/esapi/codecs/MySQLCodec.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -178,7 +178,7 @@ public Character decodeCharacter( PushbackSequence<Character> input ) {
178178
* @return
179179
* A single character, decoded
180180
*/
181-
private Character decodeCharacterANSI( PushbackString input ) {
181+
private Character decodeCharacterANSI( PushbackSequence<Character> input ) {
182182
input.mark();
183183
Character first = input.next();
184184
if ( first == null ) {
@@ -214,7 +214,7 @@ private Character decodeCharacterANSI( PushbackString input ) {
214214
* @return
215215
* A single character from that string, decoded.
216216
*/
217-
private Character decodeCharacterMySQL( PushbackString input ) {
217+
private Character decodeCharacterMySQL( PushbackSequence<Character> input ) {
218218
input.mark();
219219
Character first = input.next();
220220
if ( first == null ) {

src/main/java/org/owasp/esapi/codecs/XMLEntityCodec.java

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,7 @@ public String encodeCharacter(char[] immune, Character c)
9191
* <li>&amp;name;</li>
9292
* </ul>
9393
*/
94-
public Character decodeCharacter(PushbackString input)
94+
public Character decodeCharacter(PushbackSequence<Character> input)
9595
{
9696
Character ret = null;
9797
Character first;
@@ -137,7 +137,7 @@ else if(Character.isLetter(second.charValue()))
137137
* is positioned at the character after the &amp;#
138138
* @return The character decoded or null on failure.
139139
*/
140-
private static Character getNumericEntity(PushbackString input)
140+
private static Character getNumericEntity(PushbackSequence<Character> input)
141141
{
142142
Character first = input.peek();
143143

@@ -174,7 +174,7 @@ private static Character int2char(int i)
174174
* the next char is not a 'x' or 'X'.
175175
* @return The character decoded or null on failutre.
176176
*/
177-
private static Character parseNumber(PushbackString input)
177+
private static Character parseNumber(PushbackSequence<Character> input)
178178
{
179179
StringBuilder sb = new StringBuilder();
180180
Character c;
@@ -209,7 +209,7 @@ private static Character parseNumber(PushbackString input)
209209
* is positioned at the character after the &amp;#[xX]
210210
* @return The character decoded or null on failutre.
211211
*/
212-
private static Character parseHex(PushbackString input)
212+
private static Character parseHex(PushbackSequence<Character> input)
213213
{
214214
Character c;
215215
StringBuilder sb = new StringBuilder();
@@ -268,7 +268,7 @@ private static Character parseHex(PushbackString input)
268268
* is positioned at the character after the &amp;.
269269
* @return The character decoded or null on failutre.
270270
*/
271-
private Character getNamedEntity(PushbackString input)
271+
private Character getNamedEntity(PushbackSequence<Character> input)
272272
{
273273
StringBuilder possible = new StringBuilder();
274274
Map.Entry<CharSequence,Character> entry;

src/test/java/org/owasp/esapi/codecs/AbstractCodecTest.java

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -574,7 +574,10 @@ public void testWindowsDecode()
574574

575575
public void testHtmlDecodeCharLessThan()
576576
{
577-
assertEquals( LESS_THAN, htmlCodec.decodeCharacter(new PushBackSequenceImpl("&lt;")) );
577+
Integer value = htmlCodec.decodeCharacter(new PushBackSequenceImpl("&lt;"));
578+
assertEquals(new Integer(60), value);
579+
StringBuilder sb = new StringBuilder().appendCodePoint(value);
580+
assertEquals( LESS_THAN.toString(), sb.toString());
578581
}
579582

580583
public void testPercentDecodeChar()

src/test/java/org/owasp/esapi/codecs/HTMLEntityCodecTest.java

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
package org.owasp.esapi.codecs;
2+
3+
import static org.junit.Assert.assertEquals;
4+
5+
import org.junit.Test;
6+
7+
public class HTMLEntityCodecTest {
8+
Codec<Integer> codec = new HTMLEntityCodec();
9+
10+
@Test
11+
public void testEntityDecoding(){
12+
assertEquals("<", codec.decode("&lt;"));
13+
assertEquals( "<", codec.decode("&LT"));
14+
assertEquals( "<", codec.decode("&lt;"));
15+
assertEquals( "<", codec.decode("&LT;"));
16+
}
17+
}

src/test/java/org/owasp/esapi/reference/EncoderTest.java

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -92,8 +92,6 @@ public static Test suite() {
9292
*
9393
* @throws EncodingException
9494
*/
95-
//FIXME: Remove @Ignore
96-
@Ignore
9795
public void testCanonicalize() throws EncodingException {
9896
System.out.println("canonicalize");
9997

0 commit comments

Comments
 (0)