1
0
Fork 0
mirror of https://github.com/vanitasvitae/Smack.git synced 2024-11-29 23:42:06 +01:00

Switch or's to and's so that the exploit can't be used note that this doesn't fix the issue of invalid XML. SMACK-65

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@4343 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
Alex Wenckus 2006-07-10 18:27:40 +00:00 committed by alex
parent c4168bf3d7
commit 639386759a

View file

@ -70,12 +70,12 @@ public class XHTMLExtensionProvider implements PacketExtensionProvider {
buffer.append(StringUtils.escapeForXML(parser.getText())); buffer.append(StringUtils.escapeForXML(parser.getText()));
} }
} else if (eventType == XmlPullParser.END_TAG) { } else if (eventType == XmlPullParser.END_TAG) {
if (parser.getName().equals("body") || parser.getDepth() <= depth) { if (parser.getName().equals("body") && parser.getDepth() <= depth) {
buffer.append(parser.getText()); buffer.append(parser.getText());
xhtmlExtension.addBody(buffer.toString()); xhtmlExtension.addBody(buffer.toString());
} }
else if (parser.getName().equals(xhtmlExtension.getElementName()) else if (parser.getName().equals(xhtmlExtension.getElementName())
|| parser.getDepth() <= startDepth) { && parser.getDepth() <= startDepth) {
done = true; done = true;
} }
else { else {