Bug
Resolution: Fixed
P3
5.0
b38
generic
generic
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-2078722 | 1.3.0 | Jeff Suttor | P3 | Resolved | Fixed | 1.3 |
Name: inR10064 Date: 12/30/2003
Parser allows (EntityExpansionLimit+1) entity refs in document.
See the sample code and log provided below.
The bug affects new tests in JCK 1.5 (not yet integrated):
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_502]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_552]
The bug was found in JDK 1.5.0-beta-b32.
--------------------------------------------------------------------------
package tests;

import java.io.StringReader;
import javax.xml.SecureProcessing;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.xml.sax.ErrorHandler;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;

public class ELLimit001 {

    // Builds a document that references the internal entity "text" en times.
    InputSource createDoc(int en) {
        String source = "<?xml version='1.0'?>\n"
            + " <!DOCTYPE root [\n"
            + " <!ENTITY text 'some'> \n"
            + " <!ELEMENT root (elem)*> \n"
            + " <!ELEMENT elem ANY> ]>\n"
            + " <root>\n";
        for (; en > 0; en--)
            source += " <elem> &text; </elem>\n";
        source += " </root>\n";
        return new InputSource(new StringReader(source));
    }

    // Prints every parser diagnostic instead of rethrowing it.
    ErrorHandler errHdlr = new ErrorHandler() {
        public void warning(SAXParseException e) {
            System.out.println("ErrorHandler warning: " + e);
        }
        public void error(SAXParseException e) {
            System.out.println("ErrorHandler error: " + e);
        }
        public void fatalError(SAXParseException e) {
            System.out.println("ErrorHandler fatalError: " + e);
        }
    };

    // Parses a document with en entity references under an EntityExpansionLimit of eel.
    // A non-positive eel leaves SecureProcessing unset.
    void chkParse(int eel, int en) {
        DocumentBuilderFactory docBFactory = DocumentBuilderFactory.newInstance();
        if (eel > 0)
            docBFactory.setSecureProcessing(new SecureProcessing(eel, 100));
        System.out.println("---- EntityExpansionLimit: " + eel + "; entities: " + en + " ----");
        docBFactory.setNamespaceAware(true);
        docBFactory.setValidating(true);
        DocumentBuilder docBuilder;
        try {
            docBuilder = docBFactory.newDocumentBuilder();
        } catch (ParserConfigurationException pce) {
            pce.printStackTrace();
            return;
        }
        docBuilder.setErrorHandler(errHdlr);
        try {
            System.out.println("-- parse() returns " + docBuilder.parse(createDoc(en)));
        } catch (Exception e) {
            System.out.println("** Exception: " + e);
        }
    }

    public static void main(String argv[]) {
        ELLimit001 test = new ELLimit001();
        test.chkParse(-1, 6);
        test.chkParse( 2, 6);
        test.chkParse( 5, 6);
        test.chkParse( 6, 6);
        test.chkParse( 6, 7);
        test.chkParse( 6, 15);
        test.chkParse(30, 15);
        test.chkParse(30, 31);
        test.chkParse(30, 41);
    }
}
--------------------------------------------------------------------------
% java -showversion tests.ELLimit001
java version "1.5.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta-b32)
Java HotSpot(TM) Server VM (build 1.5.0-beta-b32, mixed mode)
---- EntityExpansionLimit: -1; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 2; entities: 6 ----
ErrorHandler fatalError: org.xml.sax.SAXParseException: The parser has encountered more than
"2" entity expansions in this document; this is the limit imposed by the application.
** Exception: org.xml.sax.SAXParseException: The parser has encountered more than "2" entity
expansions in this document; this is the limit imposed by the application.
---- EntityExpansionLimit: 5; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 7 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 15 ----
ErrorHandler fatalError: org.xml.sax.SAXParseException: The parser has encountered more than
"6" entity expansions in this document; this is the limit imposed by the application.
** Exception: org.xml.sax.SAXParseException: The parser has encountered more than "6" entity
expansions in this document; this is the limit imposed by the application.
---- EntityExpansionLimit: 30; entities: 15 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 30; entities: 31 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 30; entities: 41 ----
ErrorHandler fatalError: org.xml.sax.SAXParseException: The parser has encountered more than
"30" entity expansions in this document; this is the limit imposed by the application.
** Exception: org.xml.sax.SAXParseException: The parser has encountered more than "30" entity
expansions in this document; this is the limit imposed by the application.
--------------------------------------------------------------------------
======================================================================
###@###.### 2004-01-22
Name: inR10064 Date: 02/06/2004
It seems that there was a temporary fix for the bug in builds 36 and 37 of JDK 1.5
which drops the limit check altogether (see the run of the sample code on
JDK 1.5-b37 below). The change causes the failure of two new JCK 15 tests:
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_503]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_553]
It is expected that the fix which was integrated into JDK 1.5-b38 will
resolve the issue and that these failures of the
SecureProcessingEntity/index.html#ExpansionLimit
tests will go away.
--------------------------------------------------------------------------
ja -cp . -showversion tests.ELLimit001
java version "1.5.0-beta2"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta2-b37)
Java HotSpot(TM) Server VM (build 1.5.0-beta2-b37, mixed mode)
---- EntityExpansionLimit: -1; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 2; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 5; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 6 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 7 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 6; entities: 15 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 30; entities: 15 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 30; entities: 31 ----
-- parse() returns [#document: null]
---- EntityExpansionLimit: 30; entities: 41 ----
-- parse() returns [#document: null]
======================================================================
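The two failure modes in this report (a limit enforced one reference too late in b32, and not enforced at all in b36/b37) can be caught with a boundary probe that searches for the smallest reference count the parser rejects. The following is an added example, not code from the report or from the JDK: it assumes a current JDK, where the limit is set through the jdk.xml.entityExpansionLimit system property rather than the javax.xml.SecureProcessing class used above; the class and method names are hypothetical.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;
import org.xml.sax.helpers.DefaultHandler;

// Added example (hypothetical names): boundary probe for the entity expansion limit.
public class EntityLimitProbe {

    // Same document shape as the report's createDoc(): refs references to one internal entity.
    static String doc(int refs) {
        StringBuilder sb = new StringBuilder("<?xml version='1.0'?>\n<!DOCTYPE root [\n"
            + " <!ENTITY text 'some'>\n <!ELEMENT root (elem)*>\n <!ELEMENT elem ANY> ]>\n<root>\n");
        for (int i = 0; i < refs; i++)
            sb.append(" <elem> &text; </elem>\n");
        return sb.append("</root>\n").toString();
    }

    // True if a parser created under the given limit accepts a document with refs references.
    static boolean accepts(int limit, int refs) throws Exception {
        // Assumption: the property is read when the factory and builder are created.
        System.setProperty("jdk.xml.entityExpansionLimit", Integer.toString(limit));
        DocumentBuilder builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
        builder.setErrorHandler(new DefaultHandler()); // fatalError() rethrows, prints nothing
        try {
            builder.parse(new InputSource(new StringReader(doc(refs))));
            return true;
        } catch (SAXParseException e) {
            return false;
        }
    }

    // Smallest reference count the parser rejects, or -1 if nothing up to max is rejected.
    static int firstRejected(int limit, int max) throws Exception {
        for (int refs = 1; refs <= max; refs++)
            if (!accepts(limit, refs)) return refs;
        return -1;
    }

    public static void main(String[] args) throws Exception {
        for (int limit : new int[] {2, 6, 30}) {
            int first = firstRejected(limit, limit + 20);
            // A limit of N means N references pass and N+1 is the first count rejected.
            String verdict = first == limit + 1 ? "exact"
                : first < 0 ? "NOT ENFORCED" : "off by " + (first - (limit + 1));
            System.out.println("limit=" + limit + " firstRejected=" + first + " -> " + verdict);
        }
    }
}
```

Against the logs above, the b32 behaviour for limits 6 and 30 would show up as "off by 1" and the b37 behaviour as "NOT ENFORCED".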
Backported by: JDK-2078722 SecureProcessing: parser allows (EntityExpansionLimit+1) entity refs (Resolved)