...
consequently contains the correct two-character sequence \n and correctly denotes back references rather than a newline character in the pattern.
In general, for a particular escape character of the form \X, the equivalent Java representation is
...
```java
import java.util.regex.Pattern;

public class GoodSplitter {
  private final String WORDS = "\\b"; // Allows splitting on word boundaries

  public String[] split(String input) {
    Pattern p = Pattern.compile(WORDS);
    String[] input_array = p.split(input);
    return input_array;
  }
}
```
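The following Java program is an added example, not part of the original guideline; the class, method and constant names are hypothetical and the sample input is constructed. It prints the characters the compiler actually stores for single- and double-backslash literals and what `Pattern` does with each, for the word-boundary case and for back references.

```java
import java.util.Arrays;
import java.util.regex.Pattern;

// Added illustration, not code from the guideline. The class, method and
// constant names are hypothetical, and SAMPLE is constructed input.
public class EscapeDemo {
    // Two words, then a backspace character (U+0008), then a third word.
    private static final String SAMPLE = "alpha beta" + (char) 8 + "gamma";

    // Lists the characters the compiler stored for a string literal.
    static String codePoints(String s) {
        StringBuilder sb = new StringBuilder();
        for (char c : s.toCharArray()) {
            sb.append(String.format("U+%04X ", (int) c));
        }
        return sb.toString().trim();
    }

    // Splits SAMPLE on the regex and makes the backspace visible in the output.
    static String splitSample(String regex) {
        String[] pieces = Pattern.compile(regex).split(SAMPLE);
        return Arrays.toString(pieces).replace(String.valueOf((char) 8), "<BS>");
    }

    // Reports whether the regex finds a match anywhere in the text.
    static boolean found(String regex, String text) {
        return Pattern.compile(regex).matcher(text).find();
    }

    public static void main(String[] args) {
        // One backslash: the compiler replaces \b with a backspace character,
        // so Pattern splits on backspaces, not on word boundaries.
        System.out.println(codePoints("\b") + " -> " + splitSample("\b"));

        // Two backslashes: Pattern receives the two characters \ and b,
        // which it interprets as the word-boundary construct.
        System.out.println(codePoints("\\b") + " -> " + splitSample("\\b"));

        // The same applies to back references: "\1" in a literal is an octal
        // escape for U+0001, while "\\1" reaches Pattern as a back reference
        // to group 1.
        System.out.println(codePoints("(\\w)\1") + " -> " + found("(\\w)\1", "book"));
        System.out.println(codePoints("(\\w)\\1") + " -> " + found("(\\w)\\1", "book"));
    }
}
```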
...
Applicability
Incorrect use of escape characters in string literals can result in misinterpretation and potential corruption of data.
| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| IDS54-JG | low | unlikely | high | P1 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
...