Merge pull request #140 from CycloneDX/invalid-xml-characters
Fix for invalid xml characters
coderpatros authored Dec 5, 2020
2 parents ca4cf86 + c8fa641 commit 8de9c16
Showing 4 changed files with 392 additions and 5 deletions.
17 changes: 12 additions & 5 deletions cyclonedx/bom/generator.py
Expand Up @@ -17,10 +17,17 @@
from collections import OrderedDict
import json
from json import JSONEncoder
import re
from xml.etree import ElementTree

from cyclonedx.models import *

RE_XML_ILLEGAL = u'([\u0000-\u0008\u000b-\u000c\u000e-\u001f\ufffe-\uffff])' + \
u'|' + \
u'([%s-%s][^%s-%s])|([^%s-%s][%s-%s])|([%s-%s]$)|(^[%s-%s])' % \
(chr(0xd800),chr(0xdbff),chr(0xdc00),chr(0xdfff),
chr(0xd800),chr(0xdbff),chr(0xdc00),chr(0xdfff),
chr(0xd800),chr(0xdbff),chr(0xdc00),chr(0xdfff))

class BomJSONEncoder(JSONEncoder):
def default(self, obj):
Expand Down Expand Up @@ -85,16 +92,16 @@ def build_xml_component_element(publisher, name, version, description, hashes, l
component = ElementTree.Element("component", {"type": component_type})

if publisher and publisher != "UNKNOWN":
ElementTree.SubElement(component, "publisher").text = publisher
ElementTree.SubElement(component, "publisher").text = re.sub(RE_XML_ILLEGAL, "?", publisher)

if name and name != "UNKNOWN":
ElementTree.SubElement(component, "name").text = name
ElementTree.SubElement(component, "name").text = re.sub(RE_XML_ILLEGAL, "?", name)

if version and version != "UNKNOWN":
ElementTree.SubElement(component, "version").text = version
ElementTree.SubElement(component, "version").text = re.sub(RE_XML_ILLEGAL, "?", version)

if description and description != "UNKNOWN":
ElementTree.SubElement(component, "description").text = description
ElementTree.SubElement(component, "description").text = re.sub(RE_XML_ILLEGAL, "?", description)

if hashes:
hashes_elm = ElementTree.SubElement(component, "hashes")
Expand All @@ -106,7 +113,7 @@ def build_xml_component_element(publisher, name, version, description, hashes, l
for component_license in licenses:
if component_license.license is not None:
license_elm = ElementTree.SubElement(licenses_elm, "license")
ElementTree.SubElement(license_elm, "name").text = component_license.license.name
ElementTree.SubElement(license_elm, "name").text = re.sub(RE_XML_ILLEGAL, "?", component_license.license.name)

if purl:
ElementTree.SubElement(component, "purl").text = purl
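Review bot: The filter is applied call site by call site, and `purl` at the end of the last hunk is still assigned raw (`ElementTree.SubElement(component, "purl").text = purl`), so it is worth confirming that purl is already encoded upstream; otherwise the same characters could still yield a BOM that does not parse. Routing the free-text fields through one helper, e.g. `def _xml_safe(text): return re.sub(RE_XML_ILLEGAL, "?", text) if text else text`, would remove the five repeated calls. It would also keep the old behaviour if `component_license.license.name` can be `None`, which `re.sub` now rejects with a `TypeError` where the plain assignment accepted it. The surrogate alternatives `([%s-%s][^%s-%s])` and `([^%s-%s][%s-%s])` also consume the neighbouring valid character, so one stray surrogate turns two characters of a name or version into a single `?`. Since BOM names and versions are typically matched against other data, a comment on `RE_XML_ILLEGAL` saying the substitution is lossy would help. build_xml_component_element starts before and continues past the visible hunks, so other `.text` assignments may need the same treatment.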