Validate XML numeric character references before string construction

Yuki Matsuhashi
2026-03-24 03:55:29 +09:00
parent b959027aa2
commit 1877069780
3 changed files with 40 additions and 1 deletions
+36
@@ -1468,6 +1468,42 @@ public class XMLTest {
XML.toJSONObject(xmlStr);
}
/**
* Tests that out-of-range hex entities throw JSONException rather than an uncaught runtime exception.
*/
@Test(expected = JSONException.class)
public void testOutOfRangeHexEntityThrowsJSONException() {
String xmlStr = "<a>&#x110000;</a>";
XML.toJSONObject(xmlStr);
}
/**
* Tests that out-of-range decimal entities throw JSONException rather than an uncaught runtime exception.
*/
@Test(expected = JSONException.class)
public void testOutOfRangeDecimalEntityThrowsJSONException() {
String xmlStr = "<a>&#1114112;</a>";
XML.toJSONObject(xmlStr);
}
/**
* Tests that surrogate code point entities throw JSONException.
*/
@Test(expected = JSONException.class)
public void testSurrogateHexEntityThrowsJSONException() {
String xmlStr = "<a>&#xD800;</a>";
XML.toJSONObject(xmlStr);
}
/**
* Tests that out-of-range numeric entities in attribute values throw JSONException.
*/
@Test(expected = JSONException.class)
public void testOutOfRangeHexEntityInAttributeThrowsJSONException() {
String xmlStr = "<a b=\"&#x110000;\"/>";
XML.toJSONObject(xmlStr);
}
/**
* Tests that valid decimal numeric entity &#65; works correctly.
* Should decode to character 'A'.