# HG changeset patch # User aefimov # Date 1390419665 -14400 # Node ID 77384dd56a14aa614bae67859c9fc20cd5805a6e # Parent 6b315c1d4126fccbd722dfe5a5dd6334ae194f14 8031540: Introduce document horizon Reviewed-by: joehw diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/XalanConstants.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/XalanConstants.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/XalanConstants.java Wed Jan 22 23:41:05 2014 +0400 @@ -90,6 +90,13 @@ */ public static final String JDK_XML_NAME_LIMIT = ORACLE_JAXP_PROPERTY_PREFIX + "maxXMLNameLimit"; + + /** + * JDK maxElementDepth limit + */ + public static final String JDK_MAX_ELEMENT_DEPTH = + ORACLE_JAXP_PROPERTY_PREFIX + "maxElementDepth"; + /** * JDK property indicating whether the parser shall print out entity * count information @@ -138,6 +145,11 @@ */ public static final String SP_XML_NAME_LIMIT = "jdk.xml.maxXMLNameLimit"; + /** + * JDK maxElementDepth limit + */ + public static final String SP_MAX_ELEMENT_DEPTH = "jdk.xml.maxElementDepth"; + //legacy System Properties public final static String ENTITY_EXPANSION_LIMIT = "entityExpansionLimit"; public static final String ELEMENT_ATTRIBUTE_LIMIT = "elementAttributeLimit" ; diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/utils/XMLSecurityManager.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/utils/XMLSecurityManager.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/utils/XMLSecurityManager.java Wed Jan 22 23:41:05 2014 +0400 @@ -90,7 +90,9 @@ GENEAL_ENTITY_SIZE_LIMIT(XalanConstants.JDK_GENEAL_ENTITY_SIZE_LIMIT, XalanConstants.SP_GENEAL_ENTITY_SIZE_LIMIT, 0, 0), PARAMETER_ENTITY_SIZE_LIMIT(XalanConstants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, - XalanConstants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000); + XalanConstants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000), + MAX_ELEMENT_DEPTH_LIMIT(XalanConstants.JDK_MAX_ELEMENT_DEPTH, + XalanConstants.SP_MAX_ELEMENT_DEPTH, 0, 0); final String apiProperty; final String systemProperty; diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/Constants.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/Constants.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/Constants.java Wed Jan 22 23:41:05 2014 +0400 @@ -206,6 +206,13 @@ */ public static final String JDK_XML_NAME_LIMIT = ORACLE_JAXP_PROPERTY_PREFIX + "maxXMLNameLimit"; + + /** + * JDK maxElementDepth limit + */ + public static final String JDK_MAX_ELEMENT_DEPTH = + ORACLE_JAXP_PROPERTY_PREFIX + "maxElementDepth"; + /** * JDK property to allow printing out information from the limit analyzer */ @@ -251,6 +258,11 @@ */ public static final String SP_XML_NAME_LIMIT = "jdk.xml.maxXMLNameLimit"; + /** + * JDK maxElementDepth limit + */ + public static final String SP_MAX_ELEMENT_DEPTH = "jdk.xml.maxElementDepth"; + //legacy System Properties public final static String ENTITY_EXPANSION_LIMIT = "entityExpansionLimit"; public static final String ELEMENT_ATTRIBUTE_LIMIT = "elementAttributeLimit" ; diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Wed Jan 22 23:41:05 2014 +0400 @@ -1289,6 +1289,7 @@ fAttributes.removeAllAttributes(); + checkDepth(rawname); if(!seekCloseOfStartTag()){ fReadingAttributes = true; fAttributeCacheUsedCount =0; @@ -1891,6 +1892,21 @@ // utility methods /** + * Check if the depth exceeds the maxElementDepth limit + * @param elementName name of the current element + */ + void checkDepth(String elementName) { + fLimitAnalyzer.addValue(Limit.MAX_ELEMENT_DEPTH_LIMIT, elementName, fElementStack.fDepth); + if (fSecurityManager.isOverLimit(Limit.MAX_ELEMENT_DEPTH_LIMIT,fLimitAnalyzer)) { + fSecurityManager.debugPrint(fLimitAnalyzer); + reportFatalError("MaxElementDepthLimit", new Object[]{elementName, + fLimitAnalyzer.getTotalValue(Limit.MAX_ELEMENT_DEPTH_LIMIT), + fSecurityManager.getLimit(Limit.MAX_ELEMENT_DEPTH_LIMIT), + "maxElementDepth"}); + } + } + + /** * Calls document handler with a single character resulting from * built-in entity resolution. * diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Wed Jan 22 23:41:05 2014 +0400 @@ -220,6 +220,7 @@ fCurrentElement = fElementQName; String rawname = fElementQName.rawname; + checkDepth(rawname); if (fBindNamespaces) { fNamespaceContext.pushContext(); if (fScannerState == SCANNER_STATE_ROOT_ELEMENT) { diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages.properties --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages.properties Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages.properties Wed Jan 22 23:41:05 2014 +0400 @@ -295,4 +295,5 @@ MaxEntitySizeLimit=JAXP00010003: The length of entity \"{0}\" is \"{1}\" that exceeds the \"{2}\" limit set by \"{3}\". TotalEntitySizeLimit=JAXP00010004: The accumulated size \"{0}\" of entities exceeded the \"{1}\" limit set by \"{2}\". MaxXMLNameLimit=JAXP00010005: The name \"{0}\" exceeded the \"{1}\" limit set by \"{2}\". + MaxElementDepthLimit=JAXP00010006: The element \"{0}\" has a depth of \"{1}\" that exceeds the limit \"{2}\" set by \"{3}\". diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java Wed Jan 22 23:41:05 2014 +0400 @@ -132,6 +132,10 @@ totalValue[index] += value; return; } + if (index == Limit.MAX_ELEMENT_DEPTH_LIMIT.ordinal()) { + totalValue[index] = value; + return; + } Map cache; if (caches[index] == null) { diff -r 6b315c1d4126 -r 77384dd56a14 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java --- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java Tue Nov 26 19:33:19 2013 +0000 +++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java Wed Jan 22 23:41:05 2014 +0400 @@ -66,7 +66,8 @@ ELEMENT_ATTRIBUTE_LIMIT(Constants.JDK_ELEMENT_ATTRIBUTE_LIMIT, Constants.SP_ELEMENT_ATTRIBUTE_LIMIT, 0, 10000), TOTAL_ENTITY_SIZE_LIMIT(Constants.JDK_TOTAL_ENTITY_SIZE_LIMIT, Constants.SP_TOTAL_ENTITY_SIZE_LIMIT, 0, 50000000), GENEAL_ENTITY_SIZE_LIMIT(Constants.JDK_GENEAL_ENTITY_SIZE_LIMIT, Constants.SP_GENEAL_ENTITY_SIZE_LIMIT, 0, 0), - PARAMETER_ENTITY_SIZE_LIMIT(Constants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, Constants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000); + PARAMETER_ENTITY_SIZE_LIMIT(Constants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, Constants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000), + MAX_ELEMENT_DEPTH_LIMIT(Constants.JDK_MAX_ELEMENT_DEPTH, Constants.SP_MAX_ELEMENT_DEPTH, 0, 0); final String apiProperty; final String systemProperty; @@ -429,9 +430,10 @@ return false; } - if (index==Limit.ELEMENT_ATTRIBUTE_LIMIT.ordinal() || - index==Limit.ENTITY_EXPANSION_LIMIT.ordinal() || - index==Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal()) { + if (index == Limit.ELEMENT_ATTRIBUTE_LIMIT.ordinal() || + index == Limit.ENTITY_EXPANSION_LIMIT.ordinal() || + index == Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal() || + index == Limit.MAX_ELEMENT_DEPTH_LIMIT.ordinal()) { return (limitAnalyzer.getTotalValue(index) > values[index]); } else { return (limitAnalyzer.getValue(index) > values[index]);