[
https://issues.apache.org/jira/browse/SHIRO-530?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17070350#comment-17070350
]
Benjamin Marwell commented on SHIRO-530:
----------------------------------------
[~bdemers] please close this, it is invalid. Code is from 2010-10-12.
In file {color:#0747a6}{{IniTest.groovy}}{color}:
{code:java}
@Test
public void testIsContinued() {
//no slashes
String line = "prop = value ";
assertFalse(Ini.Section.isContinued(line));
//1 slash (odd number, but edge case):
line = "prop = value" + Ini.ESCAPE_TOKEN;
assertTrue(Ini.Section.isContinued(line));
//2 slashes = even number
line = "prop = value" + Ini.ESCAPE_TOKEN + Ini.ESCAPE_TOKEN;
assertFalse(Ini.Section.isContinued(line));
//3 slashes = odd number
line = "prop = value" + Ini.ESCAPE_TOKEN + Ini.ESCAPE_TOKEN +
Ini.ESCAPE_TOKEN;
assertTrue(Ini.Section.isContinued(line));
}
{code}
In file {color:#0747a6}{{Ini.java}}{color}:
{code:java}
private static Map<String, String> toMapProps(String content) {
Map<String, String> props = new LinkedHashMap<String, String>();
String line;
StringBuilder lineBuffer = new StringBuilder();
Scanner scanner = new Scanner(content);
while (scanner.hasNextLine()) {
line = StringUtils.clean(scanner.nextLine());
if (isContinued(line)) {
//strip off the last continuation backslash:
line = line.substring(0, line.length() - 1);
lineBuffer.append(line);
continue;
} else {
lineBuffer.append(line);
}
line = lineBuffer.toString();
lineBuffer = new StringBuilder();
String[] kvPair = splitKeyValue(line);
props.put(kvPair[0], kvPair[1]);
}
return props;
}
{code}
I added another test to make sure, but the coverage did not change.
{code:java}
@Test
public void shouldContinue() {
String test =
"prop1 = value1, \\" + NL +
"value2";
Ini ini = new Ini();
ini.load(test);
assertNotNull(ini.getSections());
assertEquals(1, ini.getSections().size());
Ini.Section section = ini.getSections().iterator().next();
assertEquals(Ini.DEFAULT_SECTION_NAME, section.getName());
assertFalse(section.isEmpty());
assertEquals(1, section.size());
assertThat(section.get("prop1"), containsString("value1,"))
assertThat(section.get("prop1"), containsString("value2"))
}
{code}
> INI parser does not properly handled backslashes at end of values
> -----------------------------------------------------------------
>
> Key: SHIRO-530
> URL: https://issues.apache.org/jira/browse/SHIRO-530
> Project: Shiro
> Issue Type: Bug
> Components: Configuration
> Affects Versions: 1.2.3
> Reporter: atomicknight
> Priority: Major
>
> The backslash character is overloaded for use as a continuation delimiter as
> well as an escape character. However, the parsing logic does not presently
> handle this character consistently, which prevents the use of odd numbers of
> backslashes at the end of values. Here is a matrix of examples:
> ||Original value||Parsed value||Notes||
> |{noformat}
> key=value\
> {noformat}|{noformat}
> key=value
> {noformat}|Backslash treated as continuation delimiter|
> |{noformat}
> key=value\\
> {noformat}|{noformat}
> key=value\\
> {noformat}|Backslashes treated as literal characters|
> |{noformat}
> key=value\\\
> {noformat}|{noformat}
> key=value\\
> {noformat}|Final backslash treated as continuation delimiter, other
> backslashes treated as literal characters|
> |{noformat}
> key=value\\\\
> {noformat}|{noformat}
> key=value\\\\
> {noformat}|Backslashes treated as literal characters|
> There is a comment in Ini.Section#isContinued(String) that states:
> {quote}
> //find the number of backslashes at the end of the line. If an even number,
> the
> //backslashes are considered escaped. If an odd number, the line is
> considered continued on the next line
> {quote}
> However, there is no unescaping logic in either
> Ini.Section#toMapProps(String) (which calls #isContinued) or
> IniSection#splitKeyValue(String).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
