DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=44391>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=44391 Summary: SSI handling of escaped characters broken Product: Tomcat 6 Version: 6.0.14 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] In org.apache.catalina.ssi.SSIProcessor the method parseParamNames is broken. If I have a SSI directive like <!--#set var="test" value="blubb\"\"" --> the method detects three parameters instead of two. This is because there are two consecutive escaped characters. Although the first one \" is detected correctly the next one isn't because the flag escaped is still set to true, although this character isn't escaped anymore. You have to replace boolean escaped = false; for (; bIdx < cmd.length() && quotes != 2; bIdx++) { char c = cmd.charAt(bIdx); // Need to skip escaped characters if (c == '\\' && !escaped) { escaped = true; bIdx++; continue; } escaped = false; if (c == '"') quotes++; } by for (; bIdx < cmd.length() && quotes != 2; bIdx++) { char c = cmd.charAt(bIdx); // Need to skip escaped characters if (c == '\\') { bIdx++; continue; } if (c == '"') quotes++; } Just removing the flag escaped is sufficient, because you don't have to remember whether the last character was escaped and that should have no influence to consecutive characters. The bug still exists in the HEAD revision of the repository. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
