Petals BC SQL

Control characters are not escaped

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.6.2
  • Fix Version/s: 1.6.3
  • Component/s: None
  • Security Level: Public
  • Description:
    Hide

    In a database, it is possible to have text values containing control characters (0x01 to 0x1f except whitespace 0x09, 0x0a, 0x0d) that are forbidden in XML.
    So, these characters are put in the XML response of the JDBC service as is, and so the XML can not be parsed with an error as following:

    lineNumber: 1; columnNumber: 121;  An invalid XML character (Unicode: 0x10) was found in the element content of the document.]
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(AbstractUnmarshallerImpl.java:335)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmarshalException(UnmarshallerImpl.java:526)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:223)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:189)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:157)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:125)
	...
    Show
    In a database, it is possible to have text values containing control characters (0x01 to 0x1f except whitespace 0x09, 0x0a, 0x0d) that are forbidden in XML. So, these characters are put in the XML response of the JDBC service as is, and so the XML can not be parsed with an error as following: 
    lineNumber: 1; columnNumber: 121;  An invalid XML character (Unicode: 0x10) was found in the element content of the document.]
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(AbstractUnmarshallerImpl.java:335)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmarshalException(UnmarshallerImpl.java:526)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:223)
	at com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:189)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:157)
	at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:125)
	...
  • Environment:
    -

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Christophe DENEUX added a comment - Tue, 21 Mar 2017 - 16:35:19 +0100 - edited

Even this problem can be solved at SQL request level replacing these characters by a valid char as something as:

SELECT Replace(COL1, char(16), '') ...

It's also a problem of XML encoding so we can add a new feature to manage correctly control characters. A best practice is to replace control character by `\uFFFD` (see http://www.fileformat.info/info/unicode/char/fffd/index.htm). A replacement by a value as `` is not valid because it's an HTML entity and has no real signification in XML point of view.

Show
Christophe DENEUX added a comment - Tue, 21 Mar 2017 - 16:35:19 +0100 - edited Even this problem can be solved at SQL request level replacing these characters by a valid char as something as: 
SELECT Replace(COL1, char(16), '') ...
It's also a problem of XML encoding so we can add a new feature to manage correctly control characters. A best practice is to replace control character by `\uFFFD` (see http://www.fileformat.info/info/unicode/char/fffd/index.htm). A replacement by a value as `` is not valid because it's an HTML entity and has no real signification in XML point of view.
Christophe DENEUX made changes - Tue, 21 Mar 2017 - 16:35:20 +0100
Field Original Value New Value
Status New [ 10000 ] Open [ 10002 ]
Priority Major [ 3 ]
Christophe DENEUX made changes - Tue, 21 Mar 2017 - 16:36:04 +0100
Status Open [ 10002 ] In Progress [ 10003 ]
Hide
Permalink
Christophe DENEUX added a comment - Wed, 22 Mar 2017 - 10:49:16 +0100

A new SU parameter 'ctrl-characters-replacement' has been introduced in trunk to replace all control characters by `\uFFFD`.

Show
Christophe DENEUX added a comment - Wed, 22 Mar 2017 - 10:49:16 +0100 A new SU parameter 'ctrl-characters-replacement' has been introduced in trunk to replace all control characters by `\uFFFD`.
Christophe DENEUX made changes - Wed, 22 Mar 2017 - 10:49:17 +0100
Status In Progress [ 10003 ] Resolved [ 10004 ]
Fix Version/s 1.6.3 [ 10685 ]
Resolution Fixed [ 1 ]
Transition Status Change Time Execution Times Last Executer Last Execution Date
New New Open Open
6m 41s
1
Christophe DENEUX
Tue, 21 Mar 2017 - 16:35:20 +0100
Open Open In Progress In Progress
44s
1
Christophe DENEUX
Tue, 21 Mar 2017 - 16:36:04 +0100
In Progress In Progress Resolved Resolved
18h 13m
1
Christophe DENEUX
Wed, 22 Mar 2017 - 10:49:17 +0100

People

Dates

  • Created:
    Tue, 21 Mar 2017 - 16:28:39 +0100
    Updated:
    Wed, 22 Mar 2017 - 10:49:17 +0100
    Resolved:
    Wed, 22 Mar 2017 - 10:49:16 +0100
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Petals ESB. Try JIRA - bug tracking software for your team.