Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4973312

SecureProcessing: SPE thrown when maxOccurs < MaxOccurNodeLimit

XMLWordPrintable

    • b38
    • generic
    • generic

        Name: inR10064 Date: 12/30/2003


        Parser mistakenly throws SAXParseException with message
          "Current configuration of the parser doesn't allow a maxOccurs
           attribute value to be set greater than the value 30."

        while parsing document with schema which defines maxOccurs='11'. The
        SecureProcessing object with MaxOccurNodeLimit=30 is set for the parser.
        The same effect is observed for some other pairs (MaxOccurNodeLimit, maxOccurs)
        and sometimes parser processes valid combinations correctly.

        The sample below contains document where element <e2/> occurs 4 times and it
        is parsed with following (MaxOccurNodeLimit, maxOccurs) values :

           not set, 3 OK: schema constraint violation detected
        2, 3 OK: (maxOccurs > MaxOccurNodeLimit) detected
        9, 3 OK: schema constraint violation detected
        9, 4 wrong SPE("configuration doesn't allow a maxOccurs > 9")
        9, 5 wrong SPE("configuration doesn't allow a maxOccurs > 9")
        30, 5 OK: parse without errors
        30, 11 wrong SPE("configuration doesn't allow a maxOccurs > 30")

        The log is provided below.

        The bug affects new tests in JCK 1.5 (not yet integrated):
          api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_502]
          api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_552]

        The bug found in the JDK 1.5.0-beta-b32.

        --------------------------------------------------------------------------
        package tests;

        import java.io.StringReader;
        import javax.xml.SecureProcessing;
        import javax.xml.parsers.DocumentBuilder;
        import javax.xml.parsers.DocumentBuilderFactory;
        import javax.xml.parsers.ParserConfigurationException;
        import org.xml.sax.ErrorHandler;
        import org.xml.sax.InputSource;
        import org.xml.sax.SAXException;
        import org.xml.sax.SAXParseException;

        public class MaxLimit001 {

            InputSource createSchema(int max) {
                String schemaSource =
                              "<?xml version='1.0'?>\n"
                              + "<xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema&#39;>\n"
                              + " <xsd:element name='test101'>\n"
                              + " <xsd:complexType>\n"
                              + " <xsd:sequence>\n"
                              + " <xsd:element name='e2' minOccurs='0' maxOccurs='"+max+"'/>\n"
                              + " </xsd:sequence>\n"
                              + " <xsd:attribute name='attr'/>\n"
                              + " <xsd:attribute name='attr2' default='DEF'/>\n"
                              + " </xsd:complexType>\n"
                              + " </xsd:element>\n"
                              + "</xsd:schema>\n";
        return new InputSource(new StringReader(schemaSource));
            }

            InputSource createDoc() {
                String source = "<?xml version='1.0'?>\n"
                              + " <test101 attr='a'>\n"
                              + " <e2/> <e2/> <e2/> <e2/>\n"
                              + " </test101>\n"
        ;
        return new InputSource(new StringReader(source));
            }

            ErrorHandler errHdlr = new ErrorHandler() {
               public void warning(SAXParseException e) {
        System.out.println("ErrorHandler warning: "+ e);
        }
        public void error(SAXParseException e) {
        System.out.println("ErrorHandler error: "+ e);
        }
        public void fatalError(SAXParseException e) {
        System.out.println("ErrorHandler fatalError: "+ e);
        }
        };

            void chkParse(int mnl, int mo) {
                DocumentBuilderFactory docBFactory = DocumentBuilderFactory.newInstance();
                if (mnl > 0)
        docBFactory.setSecureProcessing(new SecureProcessing(100, mnl));
                System.out.println("---- MaxOccurNodeLimit: "+ mnl +"; maxOccurs="+mo+" ----");

                docBFactory.setNamespaceAware(true);
                docBFactory.setValidating(true);
                docBFactory.setAttribute("http://java.sun.com/xml/jaxp/properties/schemaLanguage",
            "http://www.w3.org/2001/XMLSchema");
                docBFactory.setAttribute("http://java.sun.com/xml/jaxp/properties/schemaSource",
            createSchema(mo));

                DocumentBuilder docBuilder;
                try {
                    docBuilder = docBFactory.newDocumentBuilder();
                } catch (ParserConfigurationException pce) {
                    pce.printStackTrace();
                    return;
                }
                docBuilder.setErrorHandler(errHdlr);

                try {
                    System.out.println("-- parse() returns "+ docBuilder.parse(createDoc()));
                } catch (Exception e) {
                    System.out.println("** Exception: " + e);
                }
            }

            public static void main(String argv[]) {
        MaxLimit001 test = new MaxLimit001();
        test.chkParse(-1, 3);
        test.chkParse( 2, 3);
        test.chkParse( 9, 3);
        test.chkParse( 9, 4);
        test.chkParse( 9, 5);
        test.chkParse(30, 5);
        test.chkParse(30, 11);
            }

        }

        --------------------------------------------------------------------------
        % java -showversion tests.MaxLimit001
        java version "1.5.0-beta"
        Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta-b32)
        Java HotSpot(TM) Server VM (build 1.5.0-beta-b32, mixed mode)

        ---- MaxOccurNodeLimit: -1; maxOccurs=3 ----
        ErrorHandler error: org.xml.sax.SAXParseException: cvc-complex-type.2.4.d: Invalid content was
        found starting with element 'e2'. No child element is expected at this point.
        -- parse() returns [#document: null]
        ---- MaxOccurNodeLimit: 2; maxOccurs=3 ----
        ErrorHandler fatalError: org.xml.sax.SAXParseException: Current configuration of the parser
        doesn't allow a maxOccurs attribute value to be set greater than the value 2.
        ** Exception: org.xml.sax.SAXParseException: Current configuration of the parser doesn't allow
        a maxOccurs attribute value to be set greater than the value 2.
        ---- MaxOccurNodeLimit: 9; maxOccurs=3 ----
        ErrorHandler error: org.xml.sax.SAXParseException: cvc-complex-type.2.4.d: Invalid content was
        found starting with element 'e2'. No child element is expected at this point.
        -- parse() returns [#document: null]
        ---- MaxOccurNodeLimit: 9; maxOccurs=4 ----
        ErrorHandler fatalError: org.xml.sax.SAXParseException: Current configuration of the parser
        doesn't allow a maxOccurs attribute value to be set greater than the value 9.
        ** Exception: org.xml.sax.SAXParseException: Current configuration of the parser doesn't allow
        a maxOccurs attribute value to be set greater than the value 9.
        ---- MaxOccurNodeLimit: 9; maxOccurs=5 ----
        ErrorHandler fatalError: org.xml.sax.SAXParseException: Current configuration of the parser
        doesn't allow a maxOccurs attribute value to be set greater than the value 9.
        ** Exception: org.xml.sax.SAXParseException: Current configuration of the parser doesn't allow
        a maxOccurs attribute value to be set greater than the value 9.
        ---- MaxOccurNodeLimit: 30; maxOccurs=5 ----
        -- parse() returns [#document: null]
        ---- MaxOccurNodeLimit: 30; maxOccurs=11 ----
        ErrorHandler fatalError: org.xml.sax.SAXParseException: Current configuration of the parser
        doesn't allow a maxOccurs attribute value to be set greater than the value 30.
        ** Exception: org.xml.sax.SAXParseException: Current configuration of the parser doesn't allow
        a maxOccurs attribute value to be set greater than the value 30.

        --------------------------------------------------------------------------

        ======================================================================

              jsuttorsunw Jeff Suttor (Inactive)
              inevsunw Inev Inev (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: