Bug 809006 - Double escaping html strings
Double escaping html strings
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: cumin (Show other bugs)
Unspecified Unspecified
low Severity medium
: 2.3
: ---
Assigned To: Chad Roberts
Stanislav Graf
Depends On:
  Show dependency treegraph
Reported: 2012-04-02 04:19 EDT by Stanislav Graf
Modified: 2013-05-23 09:22 EDT (History)
3 users (show)

See Also:
Fixed In Version: cumin-0.1.5492-1
Doc Type: Bug Fix
Doc Text:
Cause: Strings containing special XML characters were being double-escaped. Consequence: Text containing special XML characters was being displayed incorrectly. Fix: Our xml_escape routine is now preventing double-escaping. Result: Strings that contain special XML characters should now display correctly.
Story Points: ---
Clone Of:
Last Closed: 2013-03-06 13:43:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Stanislav Graf 2012-04-02 04:19:32 EDT
Description of problem:
During verification of Bug 438142
I found possible double escaping in Messaging › amqp-broker › Queue

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Messaging › amqp-broker
2. Add queue - <script>alert(1)</script>
3. Look into queue details
Actual results:

Expected results:

Additional info:
Comment 1 Stanislav Graf 2012-04-02 05:03:01 EDT
The same with drilling into submitted job. 'Details tab' with queue name or job description looks ok, but Breadcrumbs above are broken.
Comment 3 Trevor McKay 2012-04-02 06:21:29 EDT
(In reply to comment #1)
> The same with drilling into submitted job. 'Details tab' with queue name or job
> description looks ok, but Breadcrumbs above are broken.

Yes, this is probably a bug.  This comes under my comment from 438142:

"There are a few other places where I inadvertently created double escapes, like
breadcrumbs, however these are harder to track down and no legitimate objects
are at all likely to contain <, &, or > anyway so the double escape doesn't
really matter."
Comment 4 Stanislav Graf 2012-04-03 04:12:37 EDT
Also present in 
Go to cumin-grid-configuration-'Create tag'
Comment 5 Trevor McKay 2012-07-25 16:05:22 EDT
Changed the title of this BZ.

This is a general problem that I believe can be handled in the xml_escape() routine itself.  The code needs to check for escape sequences in the string passed in and act accordingly.
Comment 6 Chad Roberts 2012-09-18 15:54:13 EDT
Fixed in trunk revision 5470.
Comment 10 Stanislav Graf 2013-01-10 08:27:04 EST
Tested on RHEL 5/6 i386/x86_64

Comment 0
Comment 1 - Job submission is sanitized for XML special characters
Comment 4

Comment 12 errata-xmlrpc 2013-03-06 13:43:28 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.