You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by bu...@apache.org on 2008/05/13 09:30:43 UTC

DO NOT REPLY [Bug 44984] New: if base64 is used after xpath expression it should extract only text nodes

https://issues.apache.org/bugzilla/show_bug.cgi?id=44984

           Summary: if base64 is used after xpath expression it should
                    extract only text nodes
           Product: Security
           Version: cvs
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: C++ Signature
        AssignedTo: security-dev@xml.apache.org
        ReportedBy: Matej.Spiller@siol.net


DSIGTransformBase64.cpp function appendTransformer does not extract text()
nodes if input is xpath transformation

if (input->getLastTxfm()->getNodeType() != TXFMBase::DOM_NODE_XPATH_NODESET)
then it adds self::text() xpath transformation.

However even if input is already xpath_nodeset it should have self::text()
transformation applied.

from standard:
This transform requires an octet stream for input. If an XPath node-set (or
sufficiently functional alternative) is given as input, then it is converted to
an octet stream by performing operations logically equivalent to 1) applying an
XPath transform with expression self::text(), then 2) taking the string-value
of the node-set. Thus, if an XML element is identified by a barename XPointer
in the Reference URI, and its content consists solely of base64 encoded
character data, then this transform automatically strips away the start and end
tags of the identified element and any of its descendant elements as well as
any descendant comments and processing instructions. The output of this
transform is an octet stream.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

DO NOT REPLY [Bug 44984] if base64 is used after xpath expression it should extract only text nodes

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=44984

--- Comment #1 from Scott Cantor <ca...@osu.edu> 2010-05-11 17:25:49 EDT ---
Just looking at this, and my suspicion is that the check is in there because
the code provided to add the self::text() transform would break or not do the
right thing if the input is XPath.

Have you tested with the change of removing the getNodeType check altogether?

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.