changeset 29:b045b9c5f23b
6536193: Fix the flaw in UTF8XmlOutput
Reviewed-by: tbell
author | ramap |
---|---|
date | Thu, 05 Mar 2009 16:58:37 -0800 |
parents | 08c667c9edc5 |
children | 6d6e84c678bb |
files | src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java |
diffstat | 1 files changed, 32 insertions(+), 6 deletions(-) [+] |
--- a/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java Fri Jan 30 17:21:28 2009 -0800
+++ b/src/share/classes/com/sun/xml/internal/bind/v2/runtime/output/UTF8XmlOutput.java Thu Mar 05 16:58:37 2009 -0800
@@ -32,6 +32,7 @@
 import com.sun.xml.internal.bind.DatatypeConverterImpl;
 import com.sun.xml.internal.bind.v2.runtime.Name;
 import com.sun.xml.internal.bind.v2.runtime.XMLSerializer;
+import com.sun.xml.internal.bind.v2.runtime.MarshallerImpl;
 import org.xml.sax.SAXException;
@@ -81,6 +82,11 @@
 protected boolean closeStartTagPending = false;
 /**
+ * @see MarshallerImpl#header
+ */
+ private String header;
+
+ /**
 *
 * @param localNames
 * local names encoded in UTF-8.
@@ -92,6 +98,10 @@
 prefixes[i] = new Encoded();
 }
+ public void setHeader(String header) {
+ this.header = header;
+ }
+
 @Override
 public void startDocument(XMLSerializer serializer, boolean fragment, int[] nsUriIndex2prefixIndex, NamespaceContextImpl nsContext) throws IOException, SAXException, XMLStreamException {
 super.startDocument(serializer, fragment,nsUriIndex2prefixIndex,nsContext);
@@ -100,6 +110,10 @@
 if(!fragment) {
 write(XML_DECL);
 }
+ if(header!=null) {
+ textBuffer.set(header);
+ textBuffer.write(this);
+ }
 }
 public void endDocument(boolean fragment) throws IOException, SAXException, XMLStreamException {
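Review bot: The new `header` field and `setHeader` (the hunks at -81 and -92) do not say what the string is or when it is emitted; the only documentation is `@see MarshallerImpl#header`, and the import added in the first hunk appears to exist only to resolve that tag. I would put the contract on the setter, e.g. `/** Sets text that startDocument writes after the XML declaration; null (the default) writes nothing. The value is not checked here. */`, and spell the reference as a fully qualified `@see` so the output class does not need to import `MarshallerImpl`. The class body around both hunks lies outside the diff.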
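Review bot: Nothing visible in the -100 hunk validates or escapes `header` before `textBuffer.write(this)` places it at the start of the document, so, assuming `textBuffer` writes its bytes as-is (not shown here), a caller-supplied value becomes markup in the output. That trust assumption deserves a comment next to the write, such as `// header is caller-supplied prolog text and is not escaped; callers must not pass untrusted input`. The new `if` also sits after the `if(!fragment)` block rather than inside it, so the header is written for fragments too; if that is intended, state it in the same comment, otherwise move the block inside. `startDocument` begins before this hunk.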
@@ -383,11 +397,23 @@
 return buf;
 }
- private static final byte[] XMLNS_EQUALS = toBytes(" xmlns=\"");
- private static final byte[] XMLNS_COLON = toBytes(" xmlns:");
- private static final byte[] EQUALS = toBytes("=\"");
- private static final byte[] CLOSE_TAG = toBytes("</");
- private static final byte[] EMPTY_TAG = toBytes("/>");
+ // per instance copy to prevent an attack where malicious OutputStream
+ // rewrites the byte array.
+ private final byte[] XMLNS_EQUALS = _XMLNS_EQUALS.clone();
+ private final byte[] XMLNS_COLON = _XMLNS_COLON.clone();
+ private final byte[] EQUALS = _EQUALS.clone();
+ private final byte[] CLOSE_TAG = _CLOSE_TAG.clone();
+ private final byte[] EMPTY_TAG = _EMPTY_TAG.clone();
+ private final byte[] XML_DECL = _XML_DECL.clone();
+
+ // masters
+ private static final byte[] _XMLNS_EQUALS = toBytes(" xmlns=\"");
+ private static final byte[] _XMLNS_COLON = toBytes(" xmlns:");
+ private static final byte[] _EQUALS = toBytes("=\"");
+ private static final byte[] _CLOSE_TAG = toBytes("</");
+ private static final byte[] _EMPTY_TAG = toBytes("/>");
+ private static final byte[] _XML_DECL = toBytes("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
+
+ // no need to copy
 private static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
- private static final byte[] XML_DECL = toBytes("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
 }
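Review bot: The clones protect only the six constants in this hunk; any other array that is shared between instances and handed to the `OutputStream` would still be exposed to the rewriting the comment describes. The constructor Javadoc in the -81 hunk mentions `localNames` "encoded in UTF-8" being passed in, and if those buffers are shared across marshallers and written directly (not visible here), they presumably need the same isolation. The comment would be easier to audit if it stated the rule, e.g. `// never hand a static or shared byte[] to OutputStream.write: the stream receives the array reference and can modify it for every later user`. As a style point, the instance fields now read like constants (`XML_DECL`) while the masters take a leading underscore, which goes against the usual Java naming.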