pumbaaho / blender2ogre

Automatically exported from code.google.com/p/blender2ogre
GNU Lesser General Public License v2.1
0 stars 0 forks source link

XML Attributes not properly escaped in .scene file #44

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Turn on cycles renderer
2. Export .scene
3. Attribute of user_data element contains quotes that break XML parser

What is the expected output? What do you see instead?

Expected: 

<user_data type="Blender IDProperty" name="cycles_visibility" value='&lt;bpy id 
property from "OBGreenWall"&gt;' />

What I see instead:

<user_data type="Blender IDProperty" name="cycles_visibility" value="<bpy id 
property from "OBGreenWall">" />

What version of the product are you using? On what operating system?

Latest hg checkout, Linux x86_64

Please provide any additional information below.

Your XML printer doesn't escape quotations in attribute values, causing this 
problem and breaking the RapidXML dot scene loader on the OGRE wiki. It is 
possible this would affect other attributes as well, but so far I only see it 
on user_data elements as noted above.

A quick two-line patch to fix this:

diff -r 70061fd7d83a io_export_ogreDotScene.py
--- a/io_export_ogreDotScene.py Fri Nov 18 10:32:52 2011 +0800
+++ b/io_export_ogreDotScene.py Mon Jan 09 03:52:02 2012 -0500
@@ -195,7 +195,7 @@
     sys.exit('OK: module compiled and cached')

 import hashlib, getpass, tempfile, configparser, subprocess, pickle
-from xml.sax.saxutils import XMLGenerator
+from xml.sax.saxutils import XMLGenerator, quoteattr

@@ -999,7 +999,7 @@
        s = '<%s ' %self.tagName
        for name in self.attributes:
            value = self.attributes[name]
-           s += '%s="%s" ' %(name,value)
+           s += '%s=%s ' %(name, quoteattr(value))
        if not self.childNodes:
            s += '/>'; lines.append( ('\t'*indent)+s )
        else:

Thanks,
Max

Original issue reported on code.google.com by mjko...@gmail.com on 9 Jan 2012 at 8:57

GoogleCodeExporter commented 9 years ago
Fixed in 
http://code.google.com/p/blender2ogre/source/detail?r=b4fa1e3f38174deaab0e2af079
a255c72ef70082

Thanks for the code, was easy to use that :)

Original comment by jo...@adminotech.com on 10 Sep 2012 at 12:00