AntFleet

Disagreement · 70b30f32-anthropic-1

escapeXml is unsafe for XML attributes — only escapes 5 syntactic chars, not control characters

solo Opus
repo e24ef98c·PR #8·reviewed 1 week ago

Opus finding

escapeXml is unsafe for XML attributes — only escapes 5 syntactic chars, not control characters

mediumbughigh
  • apps/web/lib/rss.ts:6-16
  • apps/web/lib/rss.ts:1-5
The comment claims escapeXml 'has to handle every character that XML treats as syntactic', but XML 1.0 disallows most ASCII control characters (U+0000–U+0008, U+000B, U+000C, U+000E–U+001F) entirely — they are not legal in XML content and cannot simply be escaped via numeric entities. If a finding title, description, or selfLink contains, say, U+0000 or U+0001 (which could leak in from raw model output or repo metadata), renderRssFeed will emit a malformed XML feed that breaks every RSS reader. The escape function is documented as load-bearing but does not strip or replace illegal control chars, contradicting the comment.

Recommendation

Either strip characters not in the XML 1.0 allowed range (U+0009, U+000A, U+000D, U+0020–U+D7FF, U+E000–U+FFFD, U+10000–U+10FFFF) inside escapeXml, or document that callers must pre-sanitize. Update the comment to match actual behavior.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →
← back to all disagreementsview public receiptssee unanimous findings + anatomies →
Tweet ↗