diff --git a/pom.xml b/pom.xml
index e8b6964..9386ecd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
0.29-SNAPSHOT
hpi
Jenkins Valgrind Plug-in
- http://wiki.jenkins-ci.org/display/JENKINS/Valgrind+Plugin
+ https://wiki.jenkins-ci.org/display/JENKINS/Valgrind+Plugin
@@ -37,14 +37,14 @@
repo.jenkins-ci.org
- http://repo.jenkins-ci.org/public/
+ https://repo.jenkins-ci.org/public/
repo.jenkins-ci.org
- http://repo.jenkins-ci.org/public/
+ https://repo.jenkins-ci.org/public/
@@ -62,6 +62,11 @@
test
+
+ org.apache.commons
+ commons-text
+ 1.3
+
org.easymock
easymock
diff --git a/src/main/java/org/jenkinsci/plugins/valgrind/ValgrindResult.java b/src/main/java/org/jenkinsci/plugins/valgrind/ValgrindResult.java
index 7777f8f..a2a17c0 100644
--- a/src/main/java/org/jenkinsci/plugins/valgrind/ValgrindResult.java
+++ b/src/main/java/org/jenkinsci/plugins/valgrind/ValgrindResult.java
@@ -85,7 +85,7 @@ public String getSummary() throws IOException, InterruptedException
/**
*
- * @param link expected to be in format "id=,"
+ * @param link expected to be in format "id=<executable name>,<unique error id>"
* @param request
* @param response
* @return valgrind detail(s)
diff --git a/src/main/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParser.java b/src/main/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParser.java
index 5f8cc16..2ec5de5 100644
--- a/src/main/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParser.java
+++ b/src/main/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParser.java
@@ -8,6 +8,8 @@
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
+import static org.apache.commons.text.StringEscapeUtils.escapeHtml4;
+
import org.jenkinsci.plugins.valgrind.model.ValgrindAuxiliary;
import org.jenkinsci.plugins.valgrind.model.ValgrindError;
import org.jenkinsci.plugins.valgrind.model.ValgrindErrorKind;
@@ -329,7 +331,7 @@ public void characters(char ch[], int start, int length) throws SAXException
if ( data == null )
return;
- data.append(new String(ch,start,length));
+ data.append(escapeHtml4(new String(ch,start,length)));
}
public ValgrindReport getReport()
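Review bot: Escaping inside `characters()` encodes the data at parse time rather than where it is written into HTML, so every value stored in the report model now carries entities such as `&lt;` and `&amp;`. Anything that uses those values outside an HTML body (comparing executable names or error ids, resolving source paths, showing a suppression to copy into a suppression file) sees the altered text, and any view that already escapes its output will double-encode it; the changed expectation in ValgrindSaxParserTest suggests the model content did change. XML attribute values do not pass through this callback, so any that are rendered would remain unescaped. Consider keeping `data.append(new String(ch,start,length));` and applying `escapeHtml4` (or the view layer's own escaping) where each field is rendered. The body of `characters()` starts outside this hunk and the rendering code is not visible here, so confirm which views emit these fields raw.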
@@ -342,6 +344,9 @@ public ValgrindReport parse( final File file ) throws ParserConfigurationExcepti
{
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setNamespaceAware(true);
+ factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+ factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
SAXParser saxParser = factory.newSAXParser();
Handler handler = new Handler();
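Review bot: The three features set before `newSAXParser()` stop external entities and external DTDs from being fetched, but a DOCTYPE with internal entity definitions is still accepted, so entity-expansion input is bounded only by the parser's default limits. If Valgrind's XML output never carries a DOCTYPE (confirm against real reports), also add `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` and `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` (the latter needs `javax.xml.XMLConstants`). The `load-external-dtd` URI is Xerces-specific and `setFeature` throws on a parser that does not recognise it, so a short comment such as `// fail closed: refuse to parse if the hardening features are unsupported` would make that intent explicit. No test in this diff parses a file containing a DOCTYPE or an external entity; a regression test asserting such a file is rejected or left unresolved would pin the fix. `parse()` continues past the end of this hunk.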
diff --git a/src/test/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParserTest.java b/src/test/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParserTest.java
index 37b7e2c..4e4c36e 100644
--- a/src/test/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParserTest.java
+++ b/src/test/java/org/jenkinsci/plugins/valgrind/parser/ValgrindSaxParserTest.java
@@ -175,7 +175,7 @@ public void suppression() throws ParserConfigurationException, SAXException, IOE
final String expectedSuppression =
"{\n" +
- " \n" +
+ " insert_a_suppression_name_here\n" +
" Memcheck:Addr1\n" +
" fun:memcpy@@GLIBC_2.14\n" +
" fun:access_already_freed_memory_memcpy\n" +
diff --git a/src/test/resources/org/jenkinsci/plugins/valgrind/parser/aux-data.xml b/src/test/resources/org/jenkinsci/plugins/valgrind/parser/aux-data.xml
index 9137997..22e5b04 100644
--- a/src/test/resources/org/jenkinsci/plugins/valgrind/parser/aux-data.xml
+++ b/src/test/resources/org/jenkinsci/plugins/valgrind/parser/aux-data.xml
@@ -87,7 +87,7 @@
+ insert_a_suppression_name_here
Memcheck:Addr1
fun:memcpy@@GLIBC_2.14
fun:access_already_freed_memory_memcpy