You are viewing a plain text version of this content. The canonical link for it is here.

Posted to log4j-dev@logging.apache.org by bu...@apache.org on 2013/10/12 01:58:59 UTC

[Bug 49354] XMLLayout writes illegal characters to XML file

https://issues.apache.org/bugzilla/show_bug.cgi?id=49354

Mat Gessel <ma...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mat.gessel@gmail.com

--- Comment #4 from Mat Gessel <ma...@gmail.com> ---
I have run into this a few times logging errors that occur authenticating via
JNDI against an ActiveDirectory server. Either JNDI or AD returns an error
message that is terminated with a NUL (0x00) character. The NUL char is illegal
in a CDATA section (or anywhere in an XML document for that matter). 

I have represented the NUL char as <<NUL>> below. 

<log4j:event logger="com.co.authn.LDAPAuthenticator" timestamp="1349723665747"
level="INFO" thread="http-8443-57">
<log4j:message>
<![CDATA[authenticate(user: bob, domain: foo.com): failed with
javax.naming.AuthenticationException message [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525,
v1772<<NUL>>]]]>
</log4j:message>
</log4j:event>

Looks like the place to do the escaping is
org.apache.log4j.helpers.Transform.appendEscapingCDATA().

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org

Re: [Bug 49354] XMLLayout writes illegal characters to XML file

Posted by Remko Popma <re...@gmail.com>.

Mat,

Log4j is not actively maintained any more. Does this issue still exist with log4j-2? If so, can I ask you to raise a ticket in the log4j-2 Jira issue tracker?
(http://logging.apache.org/log4j/2.x/issue-tracking.html)

Best regards,
Remko

Sent from my iPhone

> On 2013/10/12, at 8:58, bugzilla@apache.org wrote:
> 
> https://issues.apache.org/bugzilla/show_bug.cgi?id=49354
> 
> Mat Gessel <ma...@gmail.com> changed:
> 
>           What    |Removed                     |Added
> ----------------------------------------------------------------------------
>                 CC|                            |mat.gessel@gmail.com
> 
> --- Comment #4 from Mat Gessel <ma...@gmail.com> ---
> I have run into this a few times logging errors that occur authenticating via
> JNDI against an ActiveDirectory server. Either JNDI or AD returns an error
> message that is terminated with a NUL (0x00) character. The NUL char is illegal
> in a CDATA section (or anywhere in an XML document for that matter). 
> 
> I have represented the NUL char as <<NUL>> below. 
> 
> <log4j:event logger="com.co.authn.LDAPAuthenticator" timestamp="1349723665747"
> level="INFO" thread="http-8443-57">
> <log4j:message>
> <![CDATA[authenticate(user: bob, domain: foo.com): failed with
> javax.naming.AuthenticationException message [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525,
> v1772<<NUL>>]]]>
> </log4j:message>
> </log4j:event>
> 
> Looks like the place to do the escaping is
> org.apache.log4j.helpers.Transform.appendEscapingCDATA().
> 
> -- 
> You are receiving this mail because:
> You are the assignee for the bug.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
> For additional commands, e-mail: log4j-dev-help@logging.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org