You are viewing a plain text version of this content. The canonical link for it is here.
Posted to log4j-dev@logging.apache.org by bu...@apache.org on 2015/06/14 23:47:35 UTC
[Bug 58035] New: XMLLayout writes illegal characters to XML file
https://bz.apache.org/bugzilla/show_bug.cgi?id=58035
Bug ID: 58035
Summary: XMLLayout writes illegal characters to XML file
Product: Log4j
Version: 1.2
Hardware: PC
OS: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Appender
Assignee: log4j-dev@logging.apache.org
Reporter: 120db@hotmail.es
CC: mat.gessel@gmail.com, myles.bunbury@alcatel-lucent.com
Depends on: 49354
+++ This bug was initially created as a clone of Bug #49354 +++
XMLLayout does not appear to escape or scrub the log message to deal with
illegal characters. This can result in invalid XML output by log4j, which in
turn can cause XML parsers downstream to blow up.
A corner case we encountered while using log4j v1.2.15 produced the attached
XML output. The message, which usually has normal text, ended up having some
illegal XML characters in it. Stylus Studio reports the error on line 2, column
119 as follows:
FATAL ERROR: Invalid character (Unicode: 0x15)
This character is indeed illegal in XML, as per:
http://www.xml.com/axml/target.html#sec-cdata-sect
A nice summary can be found here:
http://www.coderanch.com/t/124970/XML/Invalid-Character-inside-CDATA
XMLLayout should ensure that what it write is legal XML, either by escaping
illegal characters, removing them, or replacing them.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org
[Bug 58035] XMLLayout writes illegal characters to XML file
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=58035
--- Comment #1 from Gary Gregory <ga...@gmail.com> ---
What happens with 1.2.17? Otherwise try 2.x with the 1.2 compatibility jar. 1.2
is not maintained atm.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org