# HG changeset patch
# User aefimov
# Date 1470970486 -3600
# Node ID a707bf64bdc156cd0f04364940f17675318e9824
# Parent beb94a7af7efd5fe94d9cc4710713b211422d6fd
8148872: Complete name checking
Reviewed-by: dfuchs, lancea, ahgross
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11DocumentScannerImpl.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11DocumentScannerImpl.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11DocumentScannerImpl.java Fri Aug 12 03:54:46 2016 +0100
@@ -185,6 +185,7 @@
* @param checkEntities true if undeclared entities should be reported as VC violation,
* false if undeclared entities should be reported as WFC violation.
* @param eleName The name of element to which this attribute belongs.
+ * @param isNSURI The flag indicating whether the content is a namespace URI
*
* @return true if the non-normalized and normalized value are the same
*
@@ -194,7 +195,7 @@
protected boolean scanAttributeValue(XMLString value,
XMLString nonNormalizedValue,
String atName,
- boolean checkEntities,String eleName)
+ boolean checkEntities,String eleName, boolean isNSURI)
throws IOException, XNIException
{
// quote
@@ -206,7 +207,7 @@
fEntityScanner.scanChar();
int entityDepth = fEntityDepth;
- int c = fEntityScanner.scanLiteral(quote, value);
+ int c = fEntityScanner.scanLiteral(quote, value, isNSURI);
if (DEBUG_ATTR_NORMALIZATION) {
System.out.println("** scanLiteral -> \""
+ value.toString() + "\"");
@@ -388,7 +389,7 @@
fStringBuffer2.append((char)c);
}
}
- c = fEntityScanner.scanLiteral(quote, value);
+ c = fEntityScanner.scanLiteral(quote, value, isNSURI);
if (entityDepth == fEntityDepth) {
fStringBuffer2.append(value);
}
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11EntityScanner.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11EntityScanner.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11EntityScanner.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,13 +1,13 @@
/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
*/
-
/*
- * Copyright 2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
@@ -24,10 +24,10 @@
import com.sun.org.apache.xerces.internal.util.XML11Char;
import com.sun.org.apache.xerces.internal.util.XMLChar;
import com.sun.org.apache.xerces.internal.util.XMLStringBuffer;
-import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager;
import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager.Limit;
import com.sun.org.apache.xerces.internal.xni.QName;
import com.sun.org.apache.xerces.internal.xni.XMLString;
+import com.sun.xml.internal.stream.Entity;
import java.io.IOException;
/**
@@ -307,23 +307,11 @@
return null;
}
+ int length = 0;
do {
ch = fCurrentEntity.ch[fCurrentEntity.position];
if (XML11Char.isXML11Name(ch)) {
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, offset)) > 0) {
offset = 0;
if (load(length, false, false)) {
break;
@@ -331,20 +319,7 @@
}
}
else if (XML11Char.isXML11NameHighSurrogate(ch)) {
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, offset)) > 0) {
offset = 0;
if (load(length, false, false)) {
--fCurrentEntity.position;
@@ -358,20 +333,7 @@
--fCurrentEntity.position;
break;
}
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, offset)) > 0) {
offset = 0;
if (load(length, false, false)) {
break;
@@ -384,12 +346,13 @@
}
while (true);
- int length = fCurrentEntity.position - offset;
+ length = fCurrentEntity.position - offset;
fCurrentEntity.columnNumber += length;
// return name
String symbol = null;
if (length > 0) {
+ checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length);
symbol = fSymbolTable.addSymbol(fCurrentEntity.ch, offset, length);
}
return symbol;
@@ -632,6 +595,7 @@
}
int index = -1;
+ int length = 0;
boolean sawIncompleteSurrogatePair = false;
do {
ch = fCurrentEntity.ch[fCurrentEntity.position];
@@ -644,22 +608,7 @@
//check prefix before further read
checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, index - offset);
}
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- //check localpart before loading more data
- checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length - index - 1);
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, index)) > 0) {
if (index != -1) {
index = index - offset;
}
@@ -670,20 +619,7 @@
}
}
else if (XML11Char.isXML11NameHighSurrogate(ch)) {
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, index)) > 0) {
if (index != -1) {
index = index - offset;
}
@@ -702,20 +638,7 @@
--fCurrentEntity.position;
break;
}
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.ch.length) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.ch.length << 1];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- }
- else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, index)) > 0) {
if (index != -1) {
index = index - offset;
}
@@ -731,7 +654,7 @@
}
while (true);
- int length = fCurrentEntity.position - offset;
+ length = fCurrentEntity.position - offset;
fCurrentEntity.columnNumber += length;
if (length > 0) {
@@ -935,6 +858,7 @@
* @param quote The quote character that signifies the end of the
* attribute value data.
* @param content The content structure to fill.
+ * @param isNSURI a flag indicating whether the content is a Namespace URI
*
* @return Returns the next character on the input, if known. This
* value may be -1 but this does note designate
@@ -943,7 +867,7 @@
* @throws IOException Thrown if i/o error occurs.
* @throws EOFException Thrown on end of file.
*/
- public int scanLiteral(int quote, XMLString content)
+ public int scanLiteral(int quote, XMLString content, boolean isNSURI)
throws IOException {
// load more characters, if needed
if (fCurrentEntity.position == fCurrentEntity.count) {
@@ -1043,6 +967,9 @@
if (fCurrentEntity.isGE) {
checkLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT, fCurrentEntity, offset, length);
}
+ if (isNSURI) {
+ checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length);
+ }
content.setValues(fCurrentEntity.ch, offset, length);
// return next character
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11NSDocumentScannerImpl.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11NSDocumentScannerImpl.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XML11NSDocumentScannerImpl.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
*/
/*
@@ -615,13 +615,20 @@
//REVISIT: one more case needs to be included: external PE and standalone is no
boolean isVC = fHasExternalDTD && !fStandalone;
- // REVISIT: it seems that this function should not take attributes, and length
- scanAttributeValue(
- this.fTempString,
- fTempString2,
- fAttributeQName.rawname,
- isVC,
- fCurrentElement.rawname);
+ /**
+ * Determine whether this is a namespace declaration that will be subject
+ * to the name limit check in the scanAttributeValue operation.
+ * Namespace declaration format: xmlns="..." or xmlns:prefix="..."
+ * Note that prefix:xmlns="..." isn't a namespace.
+ */
+ String localpart = fAttributeQName.localpart;
+ String prefix = fAttributeQName.prefix != null
+ ? fAttributeQName.prefix : XMLSymbols.EMPTY_STRING;
+ boolean isNSDecl = fBindNamespaces & (prefix == XMLSymbols.PREFIX_XMLNS ||
+ prefix == XMLSymbols.EMPTY_STRING && localpart == XMLSymbols.PREFIX_XMLNS);
+
+ scanAttributeValue(this.fTempString, fTempString2, fAttributeQName.rawname,
+ isVC, fCurrentElement.rawname, isNSDecl);
String value = fTempString.toString();
attributes.setValue(attrIndex, value);
attributes.setNonNormalizedValue(attrIndex, fTempString2.toString());
@@ -629,17 +636,7 @@
// record namespace declarations if any.
if (fBindNamespaces) {
-
- String localpart = fAttributeQName.localpart;
- String prefix =
- fAttributeQName.prefix != null
- ? fAttributeQName.prefix
- : XMLSymbols.EMPTY_STRING;
- // when it's of form xmlns="..." or xmlns:prefix="...",
- // it's a namespace declaration. but prefix:xmlns="..." isn't.
- if (prefix == XMLSymbols.PREFIX_XMLNS
- || prefix == XMLSymbols.EMPTY_STRING
- && localpart == XMLSymbols.PREFIX_XMLNS) {
+ if (isNSDecl) {
if (value.length() > fXMLNameLimit) {
fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
"MaxXMLNameLimit",
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDTDScannerImpl.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
*/
/*
@@ -1434,7 +1434,7 @@
// AttValue
boolean isVC = !fStandalone && (fSeenExternalDTD || fSeenExternalPE) ;
scanAttributeValue(defaultVal, nonNormalizedDefaultVal, atName,
- fAttributes, 0, isVC, elName);
+ fAttributes, 0, isVC, elName, false);
}
return defaultType;
@@ -1652,7 +1652,7 @@
}
fLimitAnalyzer.startEntity(entityName);
- if (fEntityScanner.scanLiteral(quote, fString) != quote) {
+ if (fEntityScanner.scanLiteral(quote, fString, false) != quote) {
fStringBuffer.clear();
fStringBuffer2.clear();
do {
@@ -1736,7 +1736,7 @@
fEntityScanner.scanChar();
}
}
- } while (fEntityScanner.scanLiteral(quote, fString) != quote);
+ } while (fEntityScanner.scanLiteral(quote, fString, false) != quote);
fStringBuffer.append(fString);
fStringBuffer2.append(fString);
literal = fStringBuffer;
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLDocumentFragmentScannerImpl.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
*/
/*
@@ -1526,9 +1526,8 @@
//can safely add the attribute later..
XMLString tmpStr = getString();
- scanAttributeValue(tmpStr, fTempString2,
- fAttributeQName.rawname, attributes,
- attIndex, isVC, fCurrentElement.rawname);
+ scanAttributeValue(tmpStr, fTempString2, fAttributeQName.rawname, attributes,
+ attIndex, isVC, fCurrentElement.rawname, false);
// content
int oldLen = attributes.getLength();
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLEntityScanner.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLEntityScanner.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLEntityScanner.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,13 +1,13 @@
/*
- * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
*/
-
/*
- * Copyright 2005 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
@@ -648,6 +648,7 @@
// scan name
int offset = fCurrentEntity.position;
+ int length;
if (XMLChar.isNameStart(fCurrentEntity.ch[offset])) {
if (++fCurrentEntity.position == fCurrentEntity.count) {
fCurrentEntity.ch[0] = fCurrentEntity.ch[offset];
@@ -674,20 +675,7 @@
vc = XMLChar.isName(c);
}
if(!vc)break;
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- invokeListeners(length);
- if (length == fCurrentEntity.fBufferSize) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.fBufferSize * 2];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- fCurrentEntity.fBufferSize *= 2;
- } else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, offset)) > 0) {
offset = 0;
if (load(length, false, false)) {
break;
@@ -695,12 +683,13 @@
}
}
}
- int length = fCurrentEntity.position - offset;
+ length = fCurrentEntity.position - offset;
fCurrentEntity.columnNumber += length;
// return name
String symbol;
if (length > 0) {
+ checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length);
symbol = fSymbolTable.addSymbol(fCurrentEntity.ch, offset, length);
} else
symbol = null;
@@ -775,6 +764,7 @@
}
int index = -1;
boolean vc = false;
+ int length;
while ( true){
//XMLChar.isName(fCurrentEntity.ch[fCurrentEntity.position])) ;
@@ -793,22 +783,7 @@
//check prefix before further read
checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, index - offset);
}
- if (++fCurrentEntity.position == fCurrentEntity.count) {
- int length = fCurrentEntity.position - offset;
- //check localpart before loading more data
- checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length - index - 1);
- invokeListeners(length);
- if (length == fCurrentEntity.fBufferSize) {
- // bad luck we have to resize our buffer
- char[] tmp = new char[fCurrentEntity.fBufferSize * 2];
- System.arraycopy(fCurrentEntity.ch, offset,
- tmp, 0, length);
- fCurrentEntity.ch = tmp;
- fCurrentEntity.fBufferSize *= 2;
- } else {
- System.arraycopy(fCurrentEntity.ch, offset,
- fCurrentEntity.ch, 0, length);
- }
+ if ((length = checkBeforeLoad(fCurrentEntity, offset, index)) > 0) {
if (index != -1) {
index = index - offset;
}
@@ -818,7 +793,7 @@
}
}
}
- int length = fCurrentEntity.position - offset;
+ length = fCurrentEntity.position - offset;
fCurrentEntity.columnNumber += length;
if (length > 0) {
String prefix = null;
@@ -864,6 +839,45 @@
} // scanQName(QName):boolean
/**
+ * Checks whether the end of the entity buffer has been reached. If yes,
+ * checks against the limit and buffer size before loading more characters.
+ *
+ * @param entity the current entity
+ * @param offset the offset from which the current read was started
+ * @param nameOffset the offset from which the current name starts
+ * @return the length of characters scanned before the end of the buffer,
+ * zero if there is more to be read in the buffer
+ */
+ protected int checkBeforeLoad(Entity.ScannedEntity entity, int offset,
+ int nameOffset) throws IOException {
+ int length = 0;
+ if (++entity.position == entity.count) {
+ length = entity.position - offset;
+ int nameLength = length;
+ if (nameOffset != -1) {
+ nameOffset = nameOffset - offset;
+ nameLength = length - nameOffset - 1;
+ } else {
+ nameOffset = offset;
+ }
+ //check limit before loading more data
+ checkLimit(Limit.MAX_NAME_LIMIT, entity, nameOffset, nameLength);
+ invokeListeners(length);
+ if (length == entity.ch.length) {
+ // bad luck we have to resize our buffer
+ char[] tmp = new char[entity.fBufferSize * 2];
+ System.arraycopy(entity.ch, offset, tmp, 0, length);
+ entity.ch = tmp;
+ entity.fBufferSize *= 2;
+ }
+ else {
+ System.arraycopy(entity.ch, offset, entity.ch, 0, length);
+ }
+ }
+ return length;
+ }
+
+ /**
* Checks whether the value of the specified Limit exceeds its limit
*
* @param limit The Limit to be checked.
@@ -1049,6 +1063,7 @@
* @param quote The quote character that signifies the end of the
* attribute value data.
* @param content The content structure to fill.
+ * @param isNSURI a flag indicating whether the content is a Namespace URI
*
* @return Returns the next character on the input, if known. This
* value may be -1 but this does note designate
@@ -1057,7 +1072,7 @@
* @throws IOException Thrown if i/o error occurs.
* @throws EOFException Thrown on end of file.
*/
- public int scanLiteral(int quote, XMLString content)
+ public int scanLiteral(int quote, XMLString content, boolean isNSURI)
throws IOException {
if (DEBUG_BUFFER) {
System.out.print("(scanLiteral, '"+(char)quote+"': ");
@@ -1180,6 +1195,9 @@
if (fCurrentEntity.isGE) {
checkLimit(Limit.TOTAL_ENTITY_SIZE_LIMIT, fCurrentEntity, offset, length);
}
+ if (isNSURI) {
+ checkLimit(Limit.MAX_NAME_LIMIT, fCurrentEntity, offset, length);
+ }
content.setValues(fCurrentEntity.ch, offset, length);
// return next character
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLNSDocumentScannerImpl.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
*/
/*
@@ -437,23 +437,28 @@
//since scanAttributeValue doesn't use attIndex parameter therefore we
//can safely add the attribute later..
XMLString tmpStr = getString();
- scanAttributeValue(tmpStr, fTempString2,
- fAttributeQName.rawname, attributes,
- attrIndex, isVC, fCurrentElement.rawname);
+
+ /**
+ * Determine whether this is a namespace declaration that will be subject
+ * to the name limit check in the scanAttributeValue operation.
+ * Namespace declaration format: xmlns="..." or xmlns:prefix="..."
+ * Note that prefix:xmlns="..." isn't a namespace.
+ */
+ String localpart = fAttributeQName.localpart;
+ String prefix = fAttributeQName.prefix != null
+ ? fAttributeQName.prefix : XMLSymbols.EMPTY_STRING;
+ boolean isNSDecl = fBindNamespaces & (prefix == XMLSymbols.PREFIX_XMLNS ||
+ prefix == XMLSymbols.EMPTY_STRING && localpart == XMLSymbols.PREFIX_XMLNS);
+
+ scanAttributeValue(tmpStr, fTempString2, fAttributeQName.rawname, attributes,
+ attrIndex, isVC, fCurrentElement.rawname, isNSDecl);
String value = null;
//fTempString.toString();
// record namespace declarations if any.
if (fBindNamespaces) {
-
- String localpart = fAttributeQName.localpart;
- String prefix = fAttributeQName.prefix != null
- ? fAttributeQName.prefix : XMLSymbols.EMPTY_STRING;
- // when it's of form xmlns="..." or xmlns:prefix="...",
- // it's a namespace declaration. but prefix:xmlns="..." isn't.
- if (prefix == XMLSymbols.PREFIX_XMLNS ||
- prefix == XMLSymbols.EMPTY_STRING && localpart == XMLSymbols.PREFIX_XMLNS) {
+ if (isNSDecl) {
//check the length of URI
if (tmpStr.length > fXMLNameLimit) {
fErrorReporter.reportError(XMLMessageFormatter.XML_DOMAIN,
diff -r beb94a7af7ef -r a707bf64bdc1 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java
--- a/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java Wed May 04 23:23:49 2016 +0100
+++ b/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java Fri Aug 12 03:54:46 2016 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
*/
/*
@@ -34,6 +34,7 @@
import com.sun.org.apache.xerces.internal.utils.XMLLimitAnalyzer;
import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager;
import com.sun.org.apache.xerces.internal.xni.Augmentations;
+import com.sun.org.apache.xerces.internal.xni.QName;
import com.sun.org.apache.xerces.internal.xni.XMLAttributes;
import com.sun.org.apache.xerces.internal.xni.XMLResourceIdentifier;
import com.sun.org.apache.xerces.internal.xni.XMLString;
@@ -617,7 +618,7 @@
: "QuoteRequiredInXMLDecl" , new Object[]{name});
}
fEntityScanner.scanChar();
- int c = fEntityScanner.scanLiteral(quote, value);
+ int c = fEntityScanner.scanLiteral(quote, value, false);
if (c != quote) {
fStringBuffer2.clear();
do {
@@ -635,7 +636,7 @@
fEntityScanner.scanChar();
}
}
- c = fEntityScanner.scanLiteral(quote, value);
+ c = fEntityScanner.scanLiteral(quote, value, false);
} while (c != quote);
fStringBuffer2.append(value);
value.setValues(fStringBuffer2);
@@ -829,15 +830,14 @@
* @param checkEntities true if undeclared entities should be reported as VC violation,
* false if undeclared entities should be reported as WFC violation.
* @param eleName The name of element to which this attribute belongs.
+ * @param isNSURI a flag indicating whether the content is a Namespace URI
*
* Note: This method uses fStringBuffer2, anything in it
* at the time of calling is lost.
**/
- protected void scanAttributeValue(XMLString value,
- XMLString nonNormalizedValue,
- String atName,
- XMLAttributes attributes, int attrIndex,
- boolean checkEntities, String eleName)
+ protected void scanAttributeValue(XMLString value, XMLString nonNormalizedValue,
+ String atName, XMLAttributes attributes, int attrIndex, boolean checkEntities,
+ String eleName, boolean isNSURI)
throws IOException, XNIException {
XMLStringBuffer stringBuffer = null;
// quote
@@ -849,7 +849,7 @@
fEntityScanner.scanChar();
int entityDepth = fEntityDepth;
- int c = fEntityScanner.scanLiteral(quote, value);
+ int c = fEntityScanner.scanLiteral(quote, value, isNSURI);
if (DEBUG_ATTR_NORMALIZATION) {
System.out.println("** scanLiteral -> \""
+ value.toString() + "\"");
@@ -1011,7 +1011,7 @@
fStringBuffer2.append((char)c);
}
}
- c = fEntityScanner.scanLiteral(quote, value);
+ c = fEntityScanner.scanLiteral(quote, value, isNSURI);
if (entityDepth == fEntityDepth && fNeedNonNormalizedValue) {
fStringBuffer2.append(value);
}
@@ -1084,7 +1084,7 @@
}
fEntityScanner.scanChar();
XMLString ident = fString;
- if (fEntityScanner.scanLiteral(quote, ident) != quote) {
+ if (fEntityScanner.scanLiteral(quote, ident, false) != quote) {
fStringBuffer.clear();
do {
fStringBuffer.append(ident);
@@ -1095,7 +1095,7 @@
reportFatalError("InvalidCharInSystemID",
new Object[] {Integer.toString(c, 16)});
}
- } while (fEntityScanner.scanLiteral(quote, ident) != quote);
+ } while (fEntityScanner.scanLiteral(quote, ident, false) != quote);
fStringBuffer.append(ident);
ident = fStringBuffer;
}