If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

XMLParser16 unescape does not handle lowercase hexadecimal sequences correctly

VERIFIED FIXED in flash10.1

Status

Tamarin
Virtual Machine
P3
normal
VERIFIED FIXED
8 years ago
8 years ago

People

(Reporter: Werner Sharp, Unassigned)

Tracking

unspecified
flash10.1
x86
Windows Vista
Bug Flags:
in-testsuite +
flashplayer-qrb +
flashplayer-triage +

Details

Attachments

(2 attachments)

(Reporter)

Description

8 years ago
Code in XMLParser::unescape needs to handle 'a' through 'f' as well as 'A' through 'F' for hexadecimal sequences:

            var tf:TextField = new TextField ();
            tf.text = "--" + new XML ("<foo>bar &#x20ac;</foo>");
            addChild (tf);

This code needs to be added after 'A' through 'F' check

			else if (ch >= 'a' && ch <= 'f')
			ch -= ('a' - 'A' + 7);

Updated

8 years ago
Flags: flashplayer-qrb+
Priority: -- → P3
Target Milestone: --- → flash10.2
(Reporter)

Comment 1

8 years ago
Created attachment 429110 [details] [diff] [review]
simple patch for fix already in 10.1
Attachment #429110 - Flags: review?(stejohns)
(Reporter)

Updated

8 years ago
Target Milestone: flash10.2 → flash10.1

Updated

8 years ago
Attachment #429110 - Flags: review?(stejohns) → review+

Comment 2

8 years ago
http://hg.mozilla.org/tamarin-redux/rev/56fc8969219c
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED

Comment 3

8 years ago
Created attachment 433567 [details] [diff] [review]
testcase
Attachment #433567 - Flags: review?(dschaffe)

Comment 4

8 years ago
Confirmed with old avmshell that it did not escape lowercase hex values
Flags: in-testsuite?
Flags: flashplayer-triage+

Updated

8 years ago
Attachment #433567 - Flags: review?(dschaffe) → review+

Comment 5

8 years ago
testcase pushed in:
tr-argo ->  3840:eebec82bfb22
tr -> 4089:eebec82bfb22
Status: RESOLVED → VERIFIED
Flags: in-testsuite? → in-testsuite+
You need to log in before you can comment on or make changes to this bug.