search

rjatkins / owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy
0 stars 0 forks source link

out of memory: junit : antisamy-myspace-1.2 , antisamy-ebay-1.2 #37

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. see junit test below

What is the expected output? What do you see instead?
expected:cleaned html
actual: out of memory

What version of the product are you using? On what operating system?
        <dependency>
            <groupId>antisamy</groupId>
            <artifactId>antisamy-bin</artifactId>
            <version>1.2</version>
        </dependency>       
        <dependency>
            <groupId>batik</groupId>
            <artifactId>batik-css</artifactId>
            <version>1.6-1</version>
        </dependency>
         <dependency>
            <groupId>batik</groupId>
            <artifactId>batik-util</artifactId>
            <version>1.6-1</version>
        </dependency> 
        <dependency>
            <groupId>xml-apis</groupId>
            <artifactId>xml-apis-ext</artifactId>
            <version>1.3.04</version>
        </dependency>       
        <dependency>
            <groupId>xml-apis</groupId>
            <artifactId>xml-apis</artifactId>
            <version>2.0.2</version>
        </dependency>     
        <dependency>
            <groupId>xerces</groupId>
            <artifactId>xercesImpl</artifactId>
            <version>2.9.1</version>
        </dependency> 
        <dependency>
            <groupId>net.sourceforge.nekohtml</groupId>
            <artifactId>nekohtml</artifactId>
            <version>1.9.11</version>
        </dependency>

Please provide any additional information below.
[code]

import junit.framework.TestCase;

import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;

public class CleanerTest extends TestCase {
    String dirty = "<a onblur=\"try {parent.deselectBloggerImageGracefully();}
catch(e) {}\"
href=\"http://www.charityadvantage.com/ChildrensmuseumEaston/images/BookswithBil
l.jpg\"><img
style=\"FLOAT: right; MARGIN: 0px 0px 10px 10px; WIDTH: 150px; CURSOR:
hand; HEIGHT: 100px\" alt=\"\"
src=\"http://www.charityadvantage.com/ChildrensmuseumEaston/images/BookswithBill
.jpg\"
border=\"0\" /></a><br />Poor Bill, couldn't make it to the Museum's <span
class=\"blsp-spelling-corrected\" id=\"SPELLING_ERROR_0\">story time</span>
today, he was so busy shoveling! Well, we sure missed you Bill! So since
you were busy moving snow we read books about snow. We found a clue in one
book which revealed a snowplow at the end of the story - we wish it had
driven to your driveway Bill. We also read a story which shared fourteen
<em>Names For Snow. </em>We'll catch up with you next week....wonder which
hat Bill will wear?<br />Jane" ;        

    /**
     * produces an out of memory error
     * @throws Exception
     */
    public void testMySpaceCleaner() throws Exception {
        AntiSamy as = new AntiSamy();
        Policy policy =
Policy.getInstance(this.getClass().getClassLoader().getResourceAsStream("antisam
y-myspace-1.2.xml"));
        CleanResults cr = as.scan(dirty, policy);
        assertNotNull( cr.getCleanHTML() ) ;
    }
    /**
     * produces an out of memory error
     * @throws Exception
     */
    public void testEBayCleaner() throws Exception {
        AntiSamy as = new AntiSamy();
        Policy policy =
Policy.getInstance(this.getClass().getClassLoader().getResourceAsStream("antisam
y-ebay-1.2.xml"));
        CleanResults cr = as.scan(dirty, policy);
        assertNotNull( cr.getCleanHTML() ) ;
    }

    /**
     * works
     * @throws Exception
     */
    public void testSlashdotCleaner() throws Exception {
        AntiSamy as = new AntiSamy();
        Policy policy =
Policy.getInstance(this.getClass().getClassLoader().getResourceAsStream("antisam
y-slashdot-1.2.xml"));
        CleanResults cr = as.scan(dirty, policy);
        assertNotNull( cr.getCleanHTML() ) ;
    }

}
[/code]

Original issue reported on code.google.com by walsh.br...@gmail.com on 23 Feb 2009 at 7:43

GoogleCodeExporter commented 9 years ago

Original comment by arshan.d...@gmail.com on 4 Mar 2009 at 4:14

GoogleCodeExporter commented 9 years ago 
This is fixed in the baseline. The test case (thanks for that) currently passes 
in
the nightly builds, but it might have been fixed from as early as 1.3.

Original comment by arshan.d...@gmail.com on 24 Nov 2009 at 3:53