here is a patch that improves the robustness of the message packet parser by interpreting everything within a tag as string. So even if the tag contains other tags (which is forbidden by XMPP specification but may happen since the content is user generated and there may be clients that don’t escape the text correctly) the connection to the XMPP server won’t be closed because of an XMLPullParserException, instead the content will be parsed as string ignoring all tags. It will still crash on invalid XML though.
Additionally for the parser to correctly set message bodies in different languages that may occur in a message packet the patch fixes the faulty handling of localized bodies.
A message tag may contain an xml:lang attribute which sets the default language of the message. This attribute is now not ignored anymore when correlating the message bodies to a language. Every message body now has a language associated (no null language for the default language of the message or application at the moment the body was set).
The patch comes with some unit tests that require the library java-xmlbuilder.
The java-xmlbuilder is a small and powerful library to easily and clearly create XML documents (compared to the ugliness of creating XML by concatenating strings and variables).
Download the library here and put the jar file in the build/build/ folder (next to the xmlunit library).
improve_message_parse_robustness.patch.zip (4848 Bytes)