demba90 / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java
Other
0 stars 0 forks source link

Bug found in union() method of EncoderConstants class. #184

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
The attached TestNG unit test will expose the bug within the union() method of 
the src\main\java\org\owasp\esapi\EncoderConstants.java source, and demonstrate 
the expected output.

Note: We appear to be using version 1.4, as this method has now been moved to 
the StringUtilities.java class.  The logic is the same, though.

This issue isn't specific to an operating system or browser.

Here is a solution that fixes the problem –

     public static char[] union(char[]... list) {

       StringBuilder sb = new StringBuilder();

       for (char[] characters : list) {

               for (int i = 0; i < characters.length; i++) {

                   if (!contains(sb, characters[i])) {

                       sb.append(characters[i]);

                   }

               }

       }

         char[] toReturn = new char[sb.length()];

         sb.getChars(0, sb.length(), toReturn, 0);

         Arrays.sort(toReturn);

         return toReturn;

     }

Original issue reported on code.google.com by coa...@gmail.com on 12 Nov 2010 at 10:21

Attachments:

GoogleCodeExporter commented 8 years ago
This is actually a bug with the StringUtilities class, not the EncoderConstants 
class.

Original comment by coa...@gmail.com on 13 Nov 2010 at 8:04

GoogleCodeExporter commented 8 years ago
This should be fixed as a result of fixing issue # 323 which was closed in July 
2014 by revision r1943.

Original comment by kevin.w.wall@gmail.com on 30 Sep 2014 at 12:27