[xml] Re: [xmlsec] exc c14n w/o comments bug

From: Aleksey Sanin <aleksey aleksey com>
To: Tomas Sieger <tomas sieger systinet com>
Cc: xml gnome org, aleksey xml sec lib <xmlsec aleksey com>
Subject: [xml] Re: [xmlsec] exc c14n w/o comments bug
Date: Tue, 04 May 2004 08:40:35 -0700

Hi, Tomas!

Yes, you are right it is a bug and with the same roots: the namespace
declaration in the element is different from the attribute namespace.

I am really sorry that I did not get to this problem. I just have
no time left these days. But I have it on my "todo" list and I will
look at it as soon as I can.

Sorry for inconvenience,
Aleksey


Tomas Sieger wrote:

Hi,
I found another "mutation" of the bug I already reported several weeksago: multiple namespace declaration in the output of the exclusive c14nw/o comments.
This time, the bug is really serious. Even libxml2 can't parse its ownoutput :-))).
You can reproduce the bug using the attached files.

Run:

  ./testC14N --exc-without-comments b.xml b.xpath

I can see this output:

<wn1:ticket
xmlns:i="http://www.w3.org/2001/XMLSchema-instance";xmlns:i="http://www.w3.org/2001/XMLSchema-instance";xmlns:wn0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";xmlns:wn1="http://xmlsoap.org/Ping"; wn0:Id="Id-Ticket1" i:nil="true"i:type="wn1:ticketType"></wn1:ticket>
Note the "i" namespace is declared for two times!

regards,
 Tomas


------------------------------------------------------------------------

<?xml version="1.0" encoding="UTF-8"?>
<e:Envelope xmlns:d="http://www.w3.org/2001/XMLSchema"; xmlns:e="http://schemas.xmlsoap.org/soap/envelope/"; 
xmlns:i="http://www.w3.org/2001/XMLSchema-instance"; 
xmlns:wn0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wn1="http://xmlsoap.org/Ping";>
  <e:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; 
wsu:Id="Body-Id-9e6a3de0-9dd4-11d8-befa-994b8300befa">
    <wn1:Ping i:type="wn1:ping">
      <wn1:ticket wn0:Id="Id-Ticket1" i:nil="true" i:type="wn1:ticketType"/>
      <wn1:text i:type="d:string">Systinet - Scenario #5</wn1:text>
    </wn1:Ping>
  </e:Body>
</e:Envelope>


------------------------------------------------------------------------

<XPath xmlns:wn1="http://xmlsoap.org/Ping";>
(//. | //@* | //namespace::*)[ancestor-or-self::wn1:ticket]
</XPath>

Follow-Ups:
- [xml] Re: [xmlsec] exc c14n w/o comments bug
  - From: xs04 . jmdesp

References:
- [xml] exc c14n w/o comments bug
  - From: Tomas Sieger

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]