Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8028111

XML readers share the same entity expansion counter

    XMLWordPrintable

Details

    • b124
    • Verified

    Backports

      Description

        Issue described here:
        https://forums.oracle.com/thread/2594170
        Oct 23, 2013 11:07 PM by Borislav.Andruschuk
         
        Description:
         
        After upgrading to 1.7.0_45 we have noticed that StAX XMLInputFactory started throwing an exception on reader creation for our simple XML messages. After some investigation, we found that all XML readers share the same XMLSecurityManager and the same XMLLimitAnalyzer with its aggregated total entity expansion counter. It is my understanding that the counter is supposed to be local per reader and not shared across all of them.
         
        The default entity expansion limit is 64000 and if XMLInputFactory tries to create more than 64000 readers It fails because XMLLimitanalyzer total counter is accumulated and at some point exceeds the limit.
         
        OS version:
         
        I assume It should be related to all OS versions, checked only MacOS and RHEL
         
        Development Kit or Runtime version:

        java version "1.7.0_45"
        Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
        Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)
         
        Regression information:

        Test case defined below works on prior JDK versions to 1.7.0_45

        Steps to Reproduce:

        1. create XMLInputFactory
         
        XMLInputFactory factory = XMLInputFactory.newInstance();
         
        2. create XMLEventReader:
         
        factory.createXMLEventReader(stream);
         
        3. repeat step 2 64001 times (default entity expansion limit is 64000)
         
        Expected Result:

        XMLInputFactory should be able to create as many XMLReaders as requested
         
        Actual Result:

        JAXP00010001 error

        Error Message(s):
         
        Exception in thread "main" javax.xml.stream.XMLStreamException: ParseError at [row,col]:[1,1]
        Message: JAXP00010001: The parser has encountered more than "64000" entity expansions in this document; this is the limit imposed by the JDK.
        at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.setInputSource(XMLStreamReaderImpl.java:219)
        at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.<init>(XMLStreamReaderImpl.java:189)
        at com.sun.xml.internal.stream.XMLInputFactoryImpl.getXMLStreamReaderImpl(XMLInputFactoryImpl.java:277)
        at com.sun.xml.internal.stream.XMLInputFactoryImpl.createXMLStreamReader(XMLInputFactoryImpl.java:129)
        at com.sun.xml.internal.stream.XMLInputFactoryImpl.createXMLEventReader(XMLInputFactoryImpl.java:78)
        at Main.main(Main.java:38)
         
        Source code for an executable test case:

        import java.io.ByteArrayInputStream;
         
        import javax.xml.stream.XMLInputFactory;
         
        public class Main {
         
            public static void main(String[] args) throws Exception {
         
                String xml = "<?xml version=\"1.0\"?><test></test>";
         
                XMLInputFactory factory = XMLInputFactory.newInstance();
         
                for (int i = 0; i < 64001; i++) {
         
                    ByteArrayInputStream stream = new ByteArrayInputStream(xml.getBytes());
                    factory.createXMLEventReader(stream);
                }
            }
        }
         
        Workaround:
         
        The workaround is to disable FPS or entity expansion limit (be careful now your code can be vulnerable to denial of service attack, see replies on Bug ID: JDK-4843787 org.xml.sax.SAXException was thrown when parsing large file )
         
        - set system property jdk.xml.entityExpansionLimit to 0
        - disable FPS in XMLSecurityManager for XMLInputFactory:
         
                XMLInputFactory factory = XMLInputFactory.newInstance();
                XMLSecurityManager securityManager = new XMLSecurityManager(false);
                factory.setProperty("http://apache.org/xml/properties/security-manager", securityManager);

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8028703 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8028704 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8028705 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8031843 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8033825 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8039785 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8029402 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8029403 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8029404 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8032124 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8032336 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8037759 XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8029038 Revise fix for XML readers share the same entity expansion counter

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Enhancement - null JDK-6315411 Default value of the Entity Expansion Limit

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Activity

              People

                joehw Joe Wang
                rcalnan Roger Calnan
                Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: