Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem in parsing an XML tag.

 
mallika mallikaa
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have parsed an XML file using SAXPARSER in Java I am able to read description tag in XML file.The text in the description tag is in the form as given below with space.

><description>The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date that is set on the targeted machine.

This may help an attacker to defeat all time-based authentication
protocols.</description>

Because of the spaces present in between the Tags only the last line of the tag I am able to read.

Please advice me on this.
 
mallika mallikaa
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please provide if any solution is available.
 
Ivan Krizsan
Ranch Hand
Posts: 2198
1
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
Could you post an example program that shows the problem?
I don't mind having a look at some code, but I won't write a program from scratch just to try it.
Best wishes!
 
Paul Clapham
Sheriff
Posts: 21107
32
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is no doubt the frequent problem where people assume that the SAX characters() method will always return a whole text node in one piece, instead of splitting it into more than one piece. That's an incorrect assumption -- a SAX parser may split a text node into several pieces and call the characters() method for each piece.
 
mallika mallikaa
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
@Ivan

we are using below SAXParser code.we do not know how to remove whitespaces in string( )while reading XML through SAXpareser code.


for example: <description>The remote host supports the use of anonymous SSL ciphers.While this enables an administrator to set up a service that encrypts trafficwithout having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack. Note: This is considerably easier to exploit if the attacker is on the same physical network.</description>

but we are getting only last line (same physical network).so please give me solution.


package ness;




import java.io.IOException;





import java.util.*;





import javax.xml.parsers.ParserConfigurationException;





import javax.xml.parsers.SAXParser;





import javax.xml.parsers.SAXParserFactory;





import org.xml.sax.Attributes;





import org.xml.sax.SAXException;





import org.xml.sax.helpers.DefaultHandler;





import java.sql.*;





public class SAXParserExample extends DefaultHandler{





List<Object> myXmls;


int i = 0;


int count = 0,sevValue;
int newyear;

String item,item1;


private String tempVal;

String circle_name,newmonth;
int y=2011;



String sys,stime,etime,mac,os;
String status="Open";


NDBConnection obj=new NDBConnection();


Connection con = null;


PreparedStatement pstmt;

static String path1;



Class1 temp;




// Class2 temp1;


public SAXParserExample(String circle,String month_new,int year_new){

circle_name=circle;
newmonth=month_new;
newyear=year_new;

myXmls = new ArrayList<Object>();


}


// public void runExample() {


//parseDocument(path1);


//printData();
//}




public void parseDocument(String path) {





//get a factory
SAXParserFactory spf = SAXParserFactory.newInstance();


try {


//get a new instance of parser


SAXParser sp = spf.newSAXParser();


//parse the file and also register this class for call backs


//sp.parse("C:/nes/Nessusnew.xml", this);


sp.parse(path,this);




}catch(SAXException se) {


se.printStackTrace();


}catch(ParserConfigurationException pce) {


pce.printStackTrace();


}catch (IOException ie) {


ie.printStackTrace();


}


}
/**


* Iterate through the list and print


* the contents
*
*/
// private void printData(){


//try{


//System.out.println("No of ReportItems'" + myXmls.size() + "'.");


// Iterator<Object> it = myXmls.iterator();


//Displays Elements

// while(it.hasNext()) {


// System.out.println(i);

// i++;

// System.out.println(it.next().toString());


//}

// }


//Event Handlers


public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException {



//reset


tempVal ="";


if(qName.equalsIgnoreCase("ReportHost")){


//temp=new Class1();


item=attributes.getValue("name");


// temp.setname(attributes.getValue("name"));


}

if(qName.equalsIgnoreCase("HostProperties"))


{


//temp1=new Class2();


temp=new Class1();


// Data2();


}


if(qName.equalsIgnoreCase("tag")) {


// temp1=new Class2();


if(attributes.getValue("name").equals("HOST_END"))count=1;



if(attributes.getValue("name").equals("mac-address")) count=2;



if(attributes.getValue("name").equals("system-type")) count=3;



if(attributes.getValue("name").equals("operating-system")) count=4;




if(attributes.getValue("name").equals("HOST_START")) count=5;


}


if(qName.equalsIgnoreCase("ReportItem")) {


//create a new instance of employee


temp = new Class1();



temp.setport(attributes.getValue("port"));



temp.setseverity(attributes.getValue("severity"));




temp.setpluginID(Integer.parseInt(attributes.getValue("pluginID")));





temp.setpluginName(attributes.getValue("pluginName"));


temp.setname(item);


temp.setsystem(sys);


temp.setstarttime(stime);


temp.setendtime(etime);

temp.setmac(mac);

temp.setos(os);




sevValue=Integer.parseInt(attributes.getValue("severity"));


if(sevValue==0)


{

temp.setport(attributes.getValue("port"));



temp.setseverity(attributes.getValue("severity"));


temp.setpluginID(Integer.parseInt(attributes.getValue("pluginID")));


temp.setpluginName(attributes.getValue("pluginName"));


temp.setname(item);


temp.setsystem(sys);


temp.setstarttime(stime);


temp.setendtime(etime);

temp.setmac(mac);

temp.setos(os);

Data();

}






}





}








//tempEmp.setType(attributes.getValue("ReportItem"));





//}





public void characters(char[] ch, int start, int length) throws SAXException {





tempVal = new String(ch,start,length);





}






public void endElement(String uri, String localName, String qName) throws SAXException {





// if(qName.equalsIgnoreCase("ReportHost"))





// {





// temp1.setname(item);







// }








if(qName.equalsIgnoreCase("ReportHost"))





{





//myXmls.add(temp);


temp.setname(item);





}






// if(qName.equalsIgnoreCase("HostProperties")) {





// System.out.println("count "+count);





// myXmls.add(temp1);








// }else if ((qName.equalsIgnoreCase("tag")) && (count == 1)){





// temp1.sethostend(tempVal);





// }else if ((qName.equalsIgnoreCase("tag")) && (count == 2)){





// temp1.setip(tempVal);





// }else if ((qName.equalsIgnoreCase("tag")) && (count == 3)){





// temp1.setsystem(tempVal);





// }else if ((qName.equalsIgnoreCase("tag")) && (count == 4)){





// temp1.setos(tempVal);





// }else if ((qName.equalsIgnoreCase("tag")) && (count == 5)){





// temp1.setstarttime(tempVal);





//}





if(qName.equalsIgnoreCase("HostProperties")) {





//myXmls.add(temp);





}else if ((qName.equalsIgnoreCase("tag")) && (count == 1)){





// temp.setstarttime1(tempVal);


stime=tempVal;








}else if ((qName.equalsIgnoreCase("tag")) && (count == 2)){





// temp.setmac(tempVal);


mac=tempVal;








}else if ((qName.equalsIgnoreCase("tag")) && (count == 3)){





//temp.setsystem1(tempVal);


sys=tempVal;








}else if ((qName.equalsIgnoreCase("tag")) && (count == 4)){





//temp.setos(tempVal);


os=tempVal;








}else if ((qName.equalsIgnoreCase("tag")) && (count == 5)){





// temp.setenddate1(tempVal);


etime=tempVal;





}











// if ((qName.equalsIgnoreCase("tag")) && (count == 5)){











//Data2();





// }





// if(qName.equalsIgnoreCase("name")) {





// System.out.println("count "+count);





// if(count == 2)





// temp1.setsystem(tempVal);





// else if (count == 3)





// temp1.setos(tempVal);





// }





if(qName.equalsIgnoreCase("ReportItem")) {





//add it to the list





myXmls.add(temp);











//temp.setsystem1(item1);





//temp = new Class1();





//myXmls.add(obj);





}else if (qName.equalsIgnoreCase("risk_factor")) {






temp.setriskfactor(tempVal);


temp.setname(item);


temp.setsystem(sys);


temp.setstarttime(stime);


temp.setendtime(etime);

temp.setmac(mac);

temp.setos(os);







}





else if (qName.equalsIgnoreCase("description")) {





temp.setdescription(tempVal.replaceAll("\\s+", " "));





}else if (qName.equalsIgnoreCase("synopsis")) {





temp.setsynopsis((tempVal.trim()));





// if(sevValue>0)





Data();





}else if (qName.equalsIgnoreCase("solution")) {





temp.setsolution(tempVal);





}








}





//Dbconnection.connect();





public void Data()





{





try{





obj.getDBConnection();




pstmt=obj.getDBConnection().prepareStatement("INSERT INTO test.upload(circle,month,year,hostendtime,starttime,ip,port,severity,pluginID,pluginName,description,synopsis,solution,riskfactor,Status) values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");

//pstmt=obj.getDBConnection().prepareStatement("INSERT INTO test.upload(circle,hostendtime,starttime,ip,port,severity,pluginID,pluginName,description,synopsis,solution,riskfactor,Status) values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");

pstmt.setString(1,circle_name);

pstmt.setString(2,newmonth);

pstmt.setInt(3,newyear);


pstmt.setString(4,temp.getendtime());


pstmt.setString(5,temp.getstarttime());


pstmt.setString(6,temp.getname());


pstmt.setString(7,temp.getport());

pstmt.setString(8,temp.getseverity());

pstmt.setInt(9,temp.getpluginID());

pstmt.setString(10,temp.getpluginName());

pstmt.setString(11,temp.getdescription());

pstmt.setString(12,temp.getsynopsis());

pstmt.setString(13,temp.getsolution());

pstmt.setString(14,temp.getriskfactor());


pstmt.setString(15,status);

// pstmt.setString(16,status);


pstmt.executeUpdate();





}catch(Exception e)





{





System.out.println("exception: " + e.getMessage());





e.printStackTrace();





}





}






// public static void main(String[] args){



// SAXParserExample spe = new SAXParserExample();



// spe.parseDocument(path1);







// }





}


 
Naren Mane
Greenhorn
Posts: 16
Android Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Why don't you try jdom parser, I think it is a good and is developed on top of SAXParser. I've experienced few problem with SAXParser and by using jdom I was able to get around with those problems. It is a pretty parser.

Thanks.


 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13062
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Your characters method is suffering from exactly the problem Paul pointed out. If you won't follow suggestions, why should we look at your code at all?

Bill
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic