-
Bug
-
Resolution: Fixed
-
P3
-
5.0
-
b36
-
generic
-
generic
-
Verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2078723 | 1.3.0 | Jeff Suttor | P3 | Resolved | Fixed | 1.3 |
Name: inR10064 Date: 12/30/2003
Methods
javax.xml.SecureProcessing.setEntityExpansionLimit(int limit)
javax.xml.SecureProcessing.setMaxOccurNodeLimit(int limit)
do not throw IllegalArgumentException when the limit is set to 0 or negative value.
The IllegalArgumentException should be thrown according to the javadoc. See the
sample code and log provided below.
The bug affects new tests in JCK 1.5 (not yet integrated):
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_101]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_102]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_151]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_152]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_101]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_102]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_151]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_152]
The bug found in the JDK 1.5.0-beta-b32.
--------------------------------------------------------------------------
package tests;
import javax.xml.SecureProcessing;
public class IAE001 {
public static void main(String argv[]) {
SecureProcessing securePr = new SecureProcessing();
try {
securePr.setEntityExpansionLimit(0);
System.out.println("Fail: "+ securePr.getEntityExpansionLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setEntityExpansionLimit(-10);
System.out.println("Fail: "+ securePr.getEntityExpansionLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setMaxOccurNodeLimit(0);
System.out.println("Fail: "+ securePr.getMaxOccurNodeLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setMaxOccurNodeLimit(-20);
System.out.println("Fail: "+ securePr.getMaxOccurNodeLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
}
}
--------------------------------------------------------------------------
% java -showversion tests.IAE001
java version "1.5.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta-b32)
Java HotSpot(TM) Server VM (build 1.5.0-beta-b32, mixed mode)
Fail: 0
Fail: -10
Fail: 0
Fail: -20
--------------------------------------------------------------------------
======================================================================
Methods
javax.xml.SecureProcessing.setEntityExpansionLimit(int limit)
javax.xml.SecureProcessing.setMaxOccurNodeLimit(int limit)
do not throw IllegalArgumentException when the limit is set to 0 or negative value.
The IllegalArgumentException should be thrown according to the javadoc. See the
sample code and log provided below.
The bug affects new tests in JCK 1.5 (not yet integrated):
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_101]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_102]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_151]
api/javax_xml/SecureProcessing/index.html#EntityExpansionLimit[SetEEL_152]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_101]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_102]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_151]
api/javax_xml/SecureProcessing/index.html#MaxOccurNodeLimit[SetMNL_152]
The bug found in the JDK 1.5.0-beta-b32.
--------------------------------------------------------------------------
package tests;
import javax.xml.SecureProcessing;
public class IAE001 {
public static void main(String argv[]) {
SecureProcessing securePr = new SecureProcessing();
try {
securePr.setEntityExpansionLimit(0);
System.out.println("Fail: "+ securePr.getEntityExpansionLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setEntityExpansionLimit(-10);
System.out.println("Fail: "+ securePr.getEntityExpansionLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setMaxOccurNodeLimit(0);
System.out.println("Fail: "+ securePr.getMaxOccurNodeLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
try {
securePr.setMaxOccurNodeLimit(-20);
System.out.println("Fail: "+ securePr.getMaxOccurNodeLimit());
} catch (IllegalArgumentException e) {
System.out.println("OK: "+ e);
}
}
}
--------------------------------------------------------------------------
% java -showversion tests.IAE001
java version "1.5.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta-b32)
Java HotSpot(TM) Server VM (build 1.5.0-beta-b32, mixed mode)
Fail: 0
Fail: -10
Fail: 0
Fail: -20
--------------------------------------------------------------------------
======================================================================
- backported by
-
JDK-2078723 SecureProcessing: limits can be set to 0 or negative
-
- Resolved
-