Bug 730169 – libxslt URI encoding issues

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 730169 - libxslt URI encoding issues


Summary:	libxslt URI encoding issues


Status:	RESOLVED OBSOLETE

Product:	libxslt
Classification:	Platform
Component:	general
Version:	git master
Hardware:	Other FreeBSD

Importance:	Normal normal
Target Milestone:	---
Assigned To:	Daniel Veillard
QA Contact:	libxml QA maintainers

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2014-05-15 06:59 UTC by SATYA
Modified:	2021-07-05 10:59 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description SATYA 2014-05-15 06:59:07 UTC

There are two problems with the str:encode-uri() function and one possible issue with the xf:escape-uri() function.

EXSLT spec for str:encode-uri():

http://www.exslt.org/str/functions/encode-uri/str.encode-uri.html

1. str:encode-uri() should escape the @ character if the boolean argument (escape reserved) is set to true, but it never does. Compare it to the behavior of the xf:escape-uri() function, which does handle this correctly:

str:encode-uri( "@", false() ) = @
str:encode-uri( "@", true() ) = @
xf:escape-uri( "@", false() ) = @
xf:escape-uri( "@", true() ) = %40

2. str:encode-uri() should not escape the % character if it is followed by 2 hexadecimal digits, but it always does. Again, compare it to the behavior of the xf:escape-uri() function, which handles it right:

str:encode-uri( "%example%1A", false() ) = %25example%251A
str:encode-uri( "%example%1A", true() ) = %25example%251A
xf:escape-uri( "%example%1A", false() ) = %25example%1A
xf:escape-uri( "%example%1A", true() ) = %25example%1A

The third issue is that I wanted to verify that the code for xf:escape-uri() wouldn't accidentally read beyond the end of the string when handing the % escaping behavior ? 

Please take a look at the xmlXPathEscapeUriFunction function in libxml2/xpath.c, in particular these lines:

(*cptr == '%' &&
((cptr[1] >= 'A' && cptr[1] <= 'F') ||
(cptr[1] >= 'a' && cptr[1] <= 'f') ||
(cptr[1] >= '0' && cptr[1] <= '9')) &&
((cptr[2] >= 'A' && cptr[2] <= 'F') ||
(cptr[2] >= 'a' && cptr[2] <= 'f') ||
(cptr[2] >= '0' && cptr[2] <= '9'))) ||

Thanks,
Satya

Comment 1 GNOME Infrastructure Team 2021-07-05 10:59:17 UTC

GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/libxslt/-/issues/

Thank you for your understanding and your help.