Petals BC SQL

Control characters are not escaped

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.6.2
  • Fix Version/s: 1.6.3
  • Component/s: None
  • Security Level: Public
  • Description:
    Hide

    In a database, it is possible to have text values containing control characters (0x01 to 0x1f except whitespace 0x09, 0x0a, 0x0d) that are forbidden in XML.
    So, these characters are put in the XML response of the JDBC service as is, and so the XML can not be parsed with an error as following:

    lineNumber: 1; columnNumber: 121;  An invalid XML character (Unicode: 0x10) was found in the element content of the document.]
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(AbstractUnmarshallerImpl.java:335)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmarshalException(UnmarshallerImpl.java:526)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:223)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:189)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:157)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:125)
	...
    Show
    In a database, it is possible to have text values containing control characters (0x01 to 0x1f except whitespace 0x09, 0x0a, 0x0d) that are forbidden in XML. So, these characters are put in the XML response of the JDBC service as is, and so the XML can not be parsed with an error as following: 
    lineNumber: 1; columnNumber: 121;  An invalid XML character (Unicode: 0x10) was found in the element content of the document.]
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(AbstractUnmarshallerImpl.java:335)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmarshalException(UnmarshallerImpl.java:526)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:223)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:189)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:157)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:125)
	...
  • Environment:
    -

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Christophe DENEUX added a comment - Tue, 21 Mar 2017 - 16:35:19 +0100 - edited

Even this problem can be solved at SQL request level replacing these characters by a valid char as something as:

SELECT Replace(COL1, char(16), '') ...

It's also a problem of XML encoding so we can add a new feature to manage correctly control characters. A best practice is to replace control character by `\uFFFD` (see http://www.fileformat.info/info/unicode/char/fffd/index.htm). A replacement by a value as `` is not valid because it's an HTML entity and has no real signification in XML point of view.

Show
Christophe DENEUX added a comment - Tue, 21 Mar 2017 - 16:35:19 +0100 - edited Even this problem can be solved at SQL request level replacing these characters by a valid char as something as: 
SELECT Replace(COL1, char(16), '') ...
It's also a problem of XML encoding so we can add a new feature to manage correctly control characters. A best practice is to replace control character by `\uFFFD` (see http://www.fileformat.info/info/unicode/char/fffd/index.htm). A replacement by a value as `` is not valid because it's an HTML entity and has no real signification in XML point of view.
Hide
Permalink
Christophe DENEUX added a comment - Wed, 22 Mar 2017 - 10:49:16 +0100

A new SU parameter 'ctrl-characters-replacement' has been introduced in trunk to replace all control characters by `\uFFFD`.

Show
Christophe DENEUX added a comment - Wed, 22 Mar 2017 - 10:49:16 +0100 A new SU parameter 'ctrl-characters-replacement' has been introduced in trunk to replace all control characters by `\uFFFD`.

People

Dates

  • Created:
    Tue, 21 Mar 2017 - 16:28:39 +0100
    Updated:
    Wed, 22 Mar 2017 - 10:49:17 +0100
    Resolved:
    Wed, 22 Mar 2017 - 10:49:16 +0100
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Petals ESB. Try JIRA - bug tracking software for your team.