Mercurial > hg > release > icedtea6-1.12
view patches/openjdk/oj6-20-merge.patch @ 3029:dfef77966f7c
Add 2013/10/15 security fixes.
2013-10-29 Andrew John Hughes <gnu.andrew@redhat.com>
* Makefile.am:
(SECURITY_PATCHES): Add security update.
* NEWS: Updated.
* patches/jtreg-LastErrorString.patch,
* patches/use-idx_t.patch,
* patches/openjdk/7162902-corba_fixes.patch,
* patches/openjdk/7196533-timezone_bottleneck.patch,
* patches/openjdk/8010727-empty_logger_name.patch,
* patches/openjdk/8010939-logmanager_deadlock.patch,
* patches/openjdk/8012617-arrayindexoutofbounds_linebreakmeasurer.patch,
* patches/openjdk/8014718-remove_logging_suntoolkit.patch:
Regenerated.
* patches/nss-config.patch: Fix path to java.security.
* patches/openjdk/4075303-javap_update.patch,
* patches/openjdk/4111861-static_fields.patch,
* patches/openjdk/4501661-disallow_mixing.patch,
* patches/openjdk/4884240-javap_additional_option.patch,
* patches/openjdk/6708729-javap_makefile_update.patch,
* patches/openjdk/6715767-javap_crash.patch,
* patches/openjdk/6819246-javap_instruction_decoding.patch,
* patches/openjdk/6824493-experimental.patch,
* patches/openjdk/6841419-classfile_iterator.patch,
* patches/openjdk/6841420-classfile_methods.patch,
* patches/openjdk/6843013-missing_experimental.patch,
* patches/openjdk/6852856-javap_subclasses.patch,
* patches/openjdk/6867671-javap_whitespace.patch,
* patches/openjdk/6868539-constant_pool_tags.patch,
* patches/openjdk/6902264-fix_indentation.patch,
* patches/openjdk/6954275-big_xml_signatures.patch,
* patches/openjdk/7146431-java.security_files.patch,
* patches/openjdk/8000450-restrict_access.patch,
* patches/openjdk/8002070-remove_logger_stack_search.patch,
* patches/openjdk/8003992-embedded_nulls.patch,
* patches/openjdk/8004188-rename_java.security.patch,
* patches/openjdk/8006882-jmockit.patch,
* patches/openjdk/8006900-new_date_time.patch,
* patches/openjdk/8008589-better_mbean_permission_validation.patch,
* patches/openjdk/8010118-caller_sensitive.patch,
* patches/openjdk/8011071-better_crypto_provider_handling.patch,
* patches/openjdk/8011081-improve_jhat.patch,
* patches/openjdk/8011139-revise_checking_getenclosingclass.patch,
* patches/openjdk/8011157-improve_corba_portability-jdk.patch,
* patches/openjdk/8011157-improve_corba_portability.patch,
* patches/openjdk/8011990-logger_test_urls.patch,
* patches/openjdk/8012071-better_bean_building.patch,
* patches/openjdk/8012147-improve_tool.patch,
* patches/openjdk/8012243-serial_regression.patch,
* patches/openjdk/8012277-improve_dataflavour.patch,
* patches/openjdk/8012425-transform_transformfactory.patch,
* patches/openjdk/8012453-runtime.exec.patch,
* patches/openjdk/8013380-logger_stack_walk_glassfish.patch,
* patches/openjdk/8013503-improve_stream_factories.patch,
* patches/openjdk/8013506-better_pack200.patch,
* patches/openjdk/8013510-augment_image_writing.patch,
* patches/openjdk/8013514-improve_cmap_stability.patch,
* patches/openjdk/8013739-better_ldap_resource_management.patch,
* patches/openjdk/8013744-better_tabling.patch,
* patches/openjdk/8013827-createtempfile_hang.patch,
* patches/openjdk/8014085-better_serialization.patch,
* patches/openjdk/8014093-improve_image_parsing.patch,
* patches/openjdk/8014102-improve_image_conversion.patch,
* patches/openjdk/8014341-better_kerberos_service.patch,
* patches/openjdk/8014349-getdeclaredclass_fix.patch,
* patches/openjdk/8014530-better_dsp.patch,
* patches/openjdk/8014534-better_profiling.patch,
* patches/openjdk/8014745-logger_stack_walk_switch.patch,
* patches/openjdk/8014987-augment_serialization.patch,
* patches/openjdk/8015144-performance_regression.patch,
* patches/openjdk/8015614-update_build.patch,
* patches/openjdk/8015731-auth_improvements.patch,
* patches/openjdk/8015743-address_internet_addresses.patch,
* patches/openjdk/8015965-typo_in_property_name.patch,
* patches/openjdk/8015978-incorrect_transformation.patch,
* patches/openjdk/8016256-finalization_final.patch,
* patches/openjdk/8016357-update_hs_diagnostic_class.patch,
* patches/openjdk/8016653-ignoreable_characters.patch,
* patches/openjdk/8016675-robust_javadoc.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately-jdk.patch,
* patches/openjdk/8017196-ensure_proxies_are_handled_appropriately.patch,
* patches/openjdk/8017287-better_resource_disposal.patch,
* patches/openjdk/8017291-cast_proxies_aside.patch,
* patches/openjdk/8017298-better_xml_support.patch,
* patches/openjdk/8017300-improve_interface_implementation.patch,
* patches/openjdk/8017505-better_client_service.patch,
* patches/openjdk/8017566-backout_part_of_8000450.patch,
* patches/openjdk/8019292-better_attribute_value_exceptions.patch,
* patches/openjdk/8019584-invalid_notification_fix.patch,
* patches/openjdk/8019617-better_view_of_objects.patch,
* patches/openjdk/8019969-inet6_test_case_fix.patch,
* patches/openjdk/8019979-better_access_test.patch,
* patches/openjdk/8020293-jvm_crash.patch,
* patches/openjdk/8021290-signature_validation.patch,
* patches/openjdk/8021355-splashscreen_regression.patch,
* patches/openjdk/8021366-jaxp_test_fix-01.patch,
* patches/openjdk/8021577-bean_serialization_fix.patch,
* patches/openjdk/8021933-jaxp_test_fix-02.patch,
* patches/openjdk/8021969-jnlp_load_failure.patch,
* patches/openjdk/8022661-writeobject_flush.patch,
* patches/openjdk/8022682-supporting_xom.patch,
* patches/openjdk/8022940-enhance_corba_translations.patch,
* patches/openjdk/8023683-enhance_class_file_parsing.patch,
* patches/openjdk/8023964-ignore_test.patch,
* patches/openjdk/8024914-swapped_usage.patch,
* patches/openjdk/8025128-createtempfile_absolute_prefix.patch,
* patches/openjdk/oj6-19-fix_8010118_test_cases.patch,
* patches/openjdk/oj6-20-merge.patch,
* patches/openjdk/oj6-21-overrides.patch: Added.
author | Andrew John Hughes <gnu.andrew@redhat.com> |
---|---|
date | Wed, 20 Nov 2013 22:56:43 +0000 |
parents | |
children |
line wrap: on
line source
# HG changeset patch # User andrew # Date 1383034761 0 # Tue Oct 29 08:19:21 2013 +0000 # Node ID 05c35de6d7047c6d6d6e8edc402b7fab861d0a21 # Parent efb24af909a020f3a3b3d446f6db15fc8b1c309a OPENJDK6-20: Resolve merge issues with JAXP security fixes Reviewed-by: omajid diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/compiler/XSLTC.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/compiler/XSLTC.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/compiler/XSLTC.java Tue Oct 29 08:19:21 2013 +0000 @@ -157,6 +157,25 @@ } /** + * Return allowed protocols for accessing external stylesheet. + */ + public Object getProperty(String name) { + if (name.equals(XalanConstants.SECURITY_MANAGER)) { + return _xmlSecurityManager; + } + return null; + } + + /** + * Set allowed protocols for accessing external stylesheet. + */ + public void setProperty(String name, Object value) { + if (name.equals(XalanConstants.SECURITY_MANAGER)) { + _xmlSecurityManager = (XMLSecurityManager)value; + } + } + + /** * Only for user by the internal TrAX implementation. */ public Parser getParser() { @@ -901,23 +920,4 @@ return newDataOffset; } - /** - * Return allowed protocols for accessing external stylesheet. - */ - public Object getProperty(String name) { - if (name.equals(XalanConstants.SECURITY_MANAGER)) { - return _xmlSecurityManager; - } - return null; - } - - /** - * Set allowed protocols for accessing external stylesheet. - */ - public void setProperty(String name, Object value) { - if (name.equals(XalanConstants.SECURITY_MANAGER)) { - _xmlSecurityManager = (XMLSecurityManager)value; - } - } - } diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/trax/TransformerFactoryImpl.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/trax/TransformerFactoryImpl.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xalan/internal/xsltc/trax/TransformerFactoryImpl.java Tue Oct 29 08:19:21 2013 +0000 @@ -283,6 +283,14 @@ } else if (name.equals(XalanConstants.SECURITY_MANAGER)) { return _xmlSecurityManager; } + + /** Check to see if the property is managed by the security manager **/ + String propertyValue = (_xmlSecurityManager != null) ? + _xmlSecurityManager.getLimitAsString(name) : null; + if (propertyValue != null) { + return propertyValue; + } + // Throw an exception for all other attributes ErrorMsg err = new ErrorMsg(ErrorMsg.JAXP_INVALID_ATTR_ERR, name); throw new IllegalArgumentException(err.toString()); @@ -383,6 +391,11 @@ } } + if (_xmlSecurityManager != null && + _xmlSecurityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, value)) { + return; + } + // Throw an exception for all other attributes final ErrorMsg err = new ErrorMsg(ErrorMsg.JAXP_INVALID_ATTR_ERR, name); @@ -856,7 +869,13 @@ } else { err = new ErrorMsg(ErrorMsg.JAXP_COMPILE_ERR); } - TransformerConfigurationException exc = new TransformerConfigurationException(err.toString(), err.getCause()); + Throwable cause = err.getCause(); + TransformerConfigurationException exc; + if (cause != null) { + exc = new TransformerConfigurationException(cause.getMessage(), cause); + } else { + exc = new TransformerConfigurationException(err.toString()); + } // Pass compiler errors to the error listener if (_errorListener != null) { diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java Tue Oct 29 08:19:21 2013 +0000 @@ -179,6 +179,13 @@ return; } + //check if the property is managed by security manager + if (fSecurityManager == null || + !fSecurityManager.setLimit(property, XMLSecurityManager.State.APIPROPERTY, value)) { + //fall back to the existing property manager + supportedProps.put(property, value); + } + supportedProps.put(property, value ) ; if(equivalentProperty != null){ supportedProps.put(equivalentProperty, value ) ; diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderFactoryImpl.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderFactoryImpl.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderFactoryImpl.java Tue Oct 29 08:19:21 2013 +0000 @@ -191,6 +191,9 @@ public void setFeature(String name, boolean value) throws ParserConfigurationException { + if (features == null) { + features = new Hashtable(); + } // If this is the secure processing feature, save it then return. if (name.equals(XMLConstants.FEATURE_SECURE_PROCESSING)) { if (System.getSecurityManager() != null && (!value)) { @@ -199,11 +202,10 @@ "jaxp-secureprocessing-feature", null)); } fSecureProcess = value; + features.put(name, value ? Boolean.TRUE : Boolean.FALSE); return; } - if (features == null) { - features = new Hashtable(); - } + features.put(name, value ? Boolean.TRUE : Boolean.FALSE); // Test the feature by possibly throwing SAX exceptions try { diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderImpl.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderImpl.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/DocumentBuilderImpl.java Tue Oct 29 08:19:21 2013 +0000 @@ -253,12 +253,16 @@ } } } else { - // Let Xerces code handle the property - domParser.setProperty(name, val); - } - } + //check if the property is managed by security manager + if (fSecurityManager == null || + !fSecurityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, val)) { + //fall back to the existing property manager + domParser.setProperty(name, val); + } } + } } + } /** * Non-preferred: use the getDOMImplementation() method instead of this diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserFactoryImpl.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserFactoryImpl.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserFactoryImpl.java Tue Oct 29 08:19:21 2013 +0000 @@ -124,6 +124,7 @@ "jaxp-secureprocessing-feature", null)); } fSecureProcess = value; + putInFeatures(name, value); return; } diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserImpl.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserImpl.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/SAXParserImpl.java Tue Oct 29 08:19:21 2013 +0000 @@ -344,8 +344,10 @@ fSecurityManager = new XMLSecurityManager(true); try { super.setProperty(SECURITY_MANAGER, fSecurityManager); - } catch (Exception ex) { - //shall not happen + } catch (SAXException e) { + throw new UnsupportedOperationException( + SAXMessageFormatter.formatMessage(fConfiguration.getLocale(), + "property-not-recognized", new Object [] {SECURITY_MANAGER}), e); } } } @@ -475,14 +477,21 @@ return; } } - if (!fInitProperties.containsKey(name)) { - fInitProperties.put(name, super.getProperty(name)); - } /** Forward property to the schema validator if there is one. **/ if (fSAXParser != null && fSAXParser.fSchemaValidator != null) { setSchemaValidatorProperty(name, value); } - super.setProperty(name, value); + + //check if the property is managed by security manager + if (fSecurityManager == null || + !fSecurityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, value)) { + //fall back to the existing property manager + if (!fInitProperties.containsKey(name)) { + fInitProperties.put(name, super.getProperty(name)); + } + super.setProperty(name, value); + } + } public synchronized Object getProperty(String name) @@ -495,6 +504,14 @@ // JAXP 1.2 support return fSAXParser.schemaLanguage; } + + /** Check to see if the property is managed by the security manager **/ + String propertyValue = (fSecurityManager != null) ? + fSecurityManager.getLimitAsString(name) : null; + if (propertyValue != null) { + return propertyValue; + } + return super.getProperty(name); } diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/AbstractXMLSchema.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/AbstractXMLSchema.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/AbstractXMLSchema.java Tue Oct 29 08:19:21 2013 +0000 @@ -85,8 +85,7 @@ /* * Other methods */ - - final void setFeature(String featureId, boolean state) { + public final void setFeature(String featureId, boolean state) { fFeatures.put(featureId, state ? Boolean.TRUE : Boolean.FALSE); } diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaFactory.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaFactory.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaFactory.java Tue Oct 29 08:19:21 2013 +0000 @@ -239,6 +239,7 @@ else { schema = new EmptyXMLSchema(); } + propagateProperties(schema); propagateFeatures(schema); return schema; } @@ -247,6 +248,7 @@ // Use a Schema that uses the system id as the equality source. AbstractXMLSchema schema = new WeakReferenceXMLSchema(); propagateFeatures(schema); + propagateProperties(schema); return schema; } @@ -322,7 +324,6 @@ "jaxp-secureprocessing-feature", null)); } - fSecurityManager = value ? new XMLSecurityManager() : null; fSecurityManager.setSecureProcessing(value); fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager); return; @@ -362,7 +363,12 @@ "property-not-supported", new Object [] {name})); } try { - fXMLSchemaLoader.setProperty(name, object); + //check if the property is managed by security manager + if (fSecurityManager == null || + !fSecurityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, object)) { + //fall back to the existing property manager + fXMLSchemaLoader.setProperty(name, object); + } } catch (XMLConfigurationException e) { String identifier = e.getIdentifier(); @@ -388,6 +394,15 @@ } } + private void propagateProperties(AbstractXMLSchema schema) { + String[] properties = fXMLSchemaLoader.getRecognizedProperties(); + for (int i = 0; i < properties.length; ++i) { + Object state = fXMLSchemaLoader.getProperty(properties[i]); + schema.setProperty(properties[i], state); + } + } + + /** * Extension of XMLGrammarPoolImpl which exposes the number of * grammars stored in the grammar pool. diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaValidatorComponentManager.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaValidatorComponentManager.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaValidatorComponentManager.java Tue Oct 29 08:19:21 2013 +0000 @@ -368,11 +368,15 @@ return; } - //fall back to the existing property manager - if (!fInitProperties.containsKey(propertyId)) { - fInitProperties.put(propertyId, super.getProperty(propertyId)); + //check if the property is managed by security manager + if (fInitSecurityManager == null || + !fInitSecurityManager.setLimit(propertyId, XMLSecurityManager.State.APIPROPERTY, value)) { + //fall back to the existing property manager + if (!fInitProperties.containsKey(propertyId)) { + fInitProperties.put(propertyId, super.getProperty(propertyId)); + } + super.setProperty(propertyId, value); } - super.setProperty(propertyId, value); } /** diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/parsers/SAXParser.java --- openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/parsers/SAXParser.java Tue Oct 29 08:11:44 2013 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/parsers/SAXParser.java Tue Oct 29 08:19:21 2013 +0000 @@ -25,6 +25,8 @@ import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager; import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarPool; import com.sun.org.apache.xerces.internal.xni.parser.XMLParserConfiguration; +import org.xml.sax.SAXNotRecognizedException; +import org.xml.sax.SAXNotSupportedException; /** * This is the main Xerces SAX parser class. It uses the abstract SAX @@ -125,4 +127,31 @@ } // <init>(SymbolTable,XMLGrammarPool) + /** + * Sets the particular property in the underlying implementation of + * org.xml.sax.XMLReader. + */ + public void setProperty(String name, Object value) + throws SAXNotRecognizedException, SAXNotSupportedException { + /** + * It's possible for users to set a security manager through the interface. + * If it's the old SecurityManager, convert it to the new XMLSecurityManager + */ + if (name.equals(Constants.SECURITY_MANAGER)) { + securityManager = XMLSecurityManager.convert(value, securityManager); + super.setProperty(Constants.SECURITY_MANAGER, securityManager); + return; + } + + if (securityManager == null) { + securityManager = new XMLSecurityManager(true); + super.setProperty(Constants.SECURITY_MANAGER, securityManager); + } + + //check if the property is managed by security manager + if (!securityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, value)) { + //fall back to the default configuration to handle the property + super.setProperty(name, value); + } + } } // class SAXParser diff -r efb24af909a0 -r 05c35de6d704 drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/util/SecurityManager.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ openjdk/jaxp/drop_included/jaxp_src/src/com/sun/org/apache/xerces/internal/util/SecurityManager.java Tue Oct 29 08:19:21 2013 +0000 @@ -0,0 +1,215 @@ +/* + * reserved comment block + * DO NOT REMOVE OR ALTER! + */ +/* + * The Apache Software License, Version 1.1 + * + * + * Copyright (c) 2003 The Apache Software Foundation. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The end-user documentation included with the redistribution, + * if any, must include the following acknowledgment: + * "This product includes software developed by the + * Apache Software Foundation (http://www.apache.org/)." + * Alternately, this acknowledgment may appear in the software itself, + * if and wherever such third-party acknowledgments normally appear. + * + * 4. The names "Xerces" and "Apache Software Foundation" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact apache@apache.org. + * + * 5. Products derived from this software may not be called "Apache", + * nor may "Apache" appear in their name, without prior written + * permission of the Apache Software Foundation. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation and was + * originally based on software copyright (c) 1999, International + * Business Machines, Inc., http://www.apache.org. For more + * information on the Apache Software Foundation, please see + * <http://www.apache.org/>. + */ + +package com.sun.org.apache.xerces.internal.util; +import com.sun.org.apache.xerces.internal.impl.Constants; +/** + * This class is a container for parser settings that relate to + * security, or more specifically, it is intended to be used to prevent denial-of-service + * attacks from being launched against a system running Xerces. + * Any component that is aware of a denial-of-service attack that can arise + * from its processing of a certain kind of document may query its Component Manager + * for the property (http://apache.org/xml/properties/security-manager) + * whose value will be an instance of this class. + * If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) + * manner. If a value has been set, then it must be the case that the component in + * question needs to know what method of this class to query. This class + * will provide defaults for all known security issues, but will also provide + * setters so that those values can be tailored by applications that care. + * + * @author Neil Graham, IBM + * + */ +public final class SecurityManager { + + // + // Constants + // + + // default value for entity expansion limit + private final static int DEFAULT_ENTITY_EXPANSION_LIMIT = 64000; + + /** Default value of number of nodes created. **/ + private final static int DEFAULT_MAX_OCCUR_NODE_LIMIT = 5000; + + // + // Data + // + + private final static int DEFAULT_ELEMENT_ATTRIBUTE_LIMIT = 10000; + + /** Entity expansion limit. **/ + private int entityExpansionLimit; + + /** W3C XML Schema maxOccurs limit. **/ + private int maxOccurLimit; + + private int fElementAttributeLimit; + // default constructor. Establishes default values for + // all known security holes. + /** + * Default constructor. Establishes default values + * for known security vulnerabilities. + */ + public SecurityManager() { + entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; + maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ; + fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; + //We are reading system properties only once , + //at the time of creation of this object , + readSystemProperties(); + } + + /** + * <p>Sets the number of entity expansions that the + * parser should permit in a document.</p> + * + * @param limit the number of entity expansions + * permitted in a document + */ + public void setEntityExpansionLimit(int limit) { + entityExpansionLimit = limit; + } + + /** + * <p>Returns the number of entity expansions + * that the parser permits in a document.</p> + * + * @return the number of entity expansions + * permitted in a document + */ + public int getEntityExpansionLimit() { + return entityExpansionLimit; + } + + /** + * <p>Sets the limit of the number of content model nodes + * that may be created when building a grammar for a W3C + * XML Schema that contains maxOccurs attributes with values + * other than "unbounded".</p> + * + * @param limit the maximum value for maxOccurs other + * than "unbounded" + */ + public void setMaxOccurNodeLimit(int limit){ + maxOccurLimit = limit; + } + + /** + * <p>Returns the limit of the number of content model nodes + * that may be created when building a grammar for a W3C + * XML Schema that contains maxOccurs attributes with values + * other than "unbounded".</p> + * + * @return the maximum value for maxOccurs other + * than "unbounded" + */ + public int getMaxOccurNodeLimit(){ + return maxOccurLimit; + } + + public int getElementAttrLimit(){ + return fElementAttributeLimit; + } + + public void setElementAttrLimit(int limit){ + fElementAttributeLimit = limit; + } + + private void readSystemProperties(){ + + try { + String value = System.getProperty(Constants.ENTITY_EXPANSION_LIMIT); + if(value != null && !value.equals("")){ + entityExpansionLimit = Integer.parseInt(value); + if (entityExpansionLimit < 0) + entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; + } + else + entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; + }catch(Exception ex){} + + try { + String value = System.getProperty(Constants.MAX_OCCUR_LIMIT); + if(value != null && !value.equals("")){ + maxOccurLimit = Integer.parseInt(value); + if (maxOccurLimit < 0) + maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT; + } + else + maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT; + }catch(Exception ex){} + + try { + String value = System.getProperty(Constants.ELEMENT_ATTRIBUTE_LIMIT); + if(value != null && !value.equals("")){ + fElementAttributeLimit = Integer.parseInt(value); + if ( fElementAttributeLimit < 0) + fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; + } + else + fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; + + }catch(Exception ex){} + + } + +} // class SecurityManager