
January 3, 2008

Living In a Fool’s Paradise

Instiki uses Maruku which, in turn, uses REXML to build a tree from its input, and then serializes the result. In theory, the result of serializing a REXML tree is well-formed XML.

require 'rexml/document'
# &#x00; names U+0000, which the XML Char production does not allow, yet the
# parser accepts it and builds a tree containing it.
foo = REXML::Document.new("<div>a&#x00;b</div>")
bar = REXML::Formatters::Default.new
out = String.new
bar.write(foo, out)
# The formatter writes the reference back out unchanged, so the serialized
# "XML" is not well-formed.
puts out

(and countless other variations on this theme).

Download the latest version. It’s been (somewhat) bullet-proofed against this sort of inanity.

[1] Sam Ruby has been exploring other bugs in REXML lately. I wish him the best of luck.

Posted by distler at January 3, 2008 9:06 PM

TrackBack URL for this Entry:   https://golem.ph.utexas.edu/cgi-bin/MT-3.0/dxy-tb.fcgi/1559

3 Comments & 0 Trackbacks

Re: Living In a Fool’s Paradise

Have anything to add to this list?

Posted by: Sam Ruby on January 8, 2008 3:12 PM | Permalink | Reply to this

Bad things to test for

Raw utf-8, hex and decimal NCRs (missed by the W3C’s regexp):

'<a>\000</a>',
'<a>' + [65535].pack('U') + '</a>',
'<a>&#xffe;</a>',
'<a>&#65535;</a>',

Probably some other stuff, but those were the things that were previously able to slip through the cracks in Instiki.

Posted by: Jacques Distler on January 8, 2008 3:44 PM | Permalink | PGP Sig | Reply to this
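The following is an added example, not code from Instiki, Maruku or REXML. It puts the check the post says was missing in front of the REXML round-trip shown above, and it exercises the classes of input listed in the comment above: a NUL written as a numeric character reference, a raw NUL, the non-character U+FFFF as raw UTF-8, and hex and decimal NCRs naming forbidden code points. The function names (`xml_char?`, `invalid_xml_chars`, `serialize_if_clean`), the error class and the sample inputs are this example's own; the set of allowed code points is the Char production of XML 1.0.

```ruby
# Added example (not Instiki's, Maruku's or REXML's code): reject input whose
# characters, literal or referenced, fall outside XML 1.0's Char production
# before it reaches REXML, instead of letting parser and formatter pass the
# bad character straight through into the serialized output.
require 'rexml/document'

# XML 1.0, production [2] Char:
#   #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
def xml_char?(cp)
  cp == 0x9 || cp == 0xA || cp == 0xD ||
    cp.between?(0x20, 0xD7FF) ||
    cp.between?(0xE000, 0xFFFD) ||
    cp.between?(0x10000, 0x10FFFF)
end

# Hex (&#xNN;) and decimal (&#NNN;) numeric character references.
NCR_RE = /&#(x[0-9a-fA-F]+|[0-9]+);/

# Returns the forbidden code points found in +text+: first those present as
# raw characters, then those named by an NCR. An empty array means every
# character, literal or referenced, is a legal XML Char.
def invalid_xml_chars(text)
  bad = []
  text.each_codepoint { |cp| bad << cp unless xml_char?(cp) }
  text.scan(NCR_RE).flatten.each do |ref|
    cp = ref.start_with?('x') ? ref[1..-1].to_i(16) : ref.to_i
    bad << cp unless xml_char?(cp)
  end
  bad
end

# Hypothetical error class for this example.
class InvalidXmlCharError < StandardError; end

# Round-trips +text+ through REXML the way the post does, but refuses input
# that would make the serialized result ill-formed.
def serialize_if_clean(text)
  bad = invalid_xml_chars(text)
  unless bad.empty?
    listed = bad.map { |cp| format('U+%04X', cp) }.join(', ')
    raise InvalidXmlCharError, "forbidden XML character(s): #{listed}"
  end
  doc = REXML::Document.new(text)
  out = String.new(encoding: Encoding::UTF_8)
  REXML::Formatters::Default.new.write(doc, out)
  out
end

# Constructed sample inputs (double-quoted so \u0000 is a real NUL byte).
SAMPLES = [
  "<div>a&#x00;b</div>",                 # NUL as hex NCR (the post's example)
  "<a>\u0000</a>",                       # raw NUL
  "<a>" + [65535].pack('U') + "</a>",    # U+FFFF as raw UTF-8
  "<a>&#xfffe;</a>",                     # non-character via hex NCR
  "<a>&#65535;</a>",                     # non-character via decimal NCR
  "<a>&#xD800;</a>",                     # lone surrogate via NCR
  "<a>\tok &#x1F600;</a>",               # tab and an astral code point: legal
].freeze

if $PROGRAM_NAME == __FILE__
  SAMPLES.each do |s|
    bad = invalid_xml_chars(s)
    verdict = bad.empty? ? 'ok' : bad.map { |cp| format('U+%04X', cp) }.join(' ')
    puts "#{s.inspect}: #{verdict}"
  end
end
```

The check scans NCRs textually rather than asking REXML what it parsed, precisely because the point of the post is that REXML will happily carry a reference to U+0000 through parse and serialize; the decision has to be made before the tree is built. Scanning the raw text also flags references inside CDATA sections and comments, which is the conservative side to err on for content that will be re-emitted as XML.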

Re: Living In a Fool’s Paradise

First installment.

Scan the page for TODOs, and then feel free to try to find any other holes.

Posted by: Sam Ruby on January 9, 2008 8:39 PM | Permalink | Reply to this
