Hacker News new | past | comments | ask | show | jobs | submit login

A quick look shows that RustyXML doesn't have complete error-checking when building a tree, so it's possible to get this library to generate output that isn't well-formed XML (hi parse-errors!), which should be a worry if you're taking input from other sources (with arbitrary strings).



Author or rust-rss here. What kind of errors could occur when generating the output?


Consider a string containing U+0000 or U+FFFF; both will generate output that isn't well-formed XML.


I'll look into it. Thanks for pointing it out.


As far as I'm aware, this is just a current shortcoming of RustyXML — it should just be fixed there.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: