Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8294858

XMLStreamReader does not respect jdk.xml.maxXMLNameLimit=0 for namespace names

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P4
    • 20
    • 8, 11, 18, 19, 20
    • xml
    • b23
    • generic
    • generic
    • Verified

    Description

      ADDITIONAL SYSTEM INFORMATION :
      I am able to reproduce with jdk 11 and 19.

      A DESCRIPTION OF THE PROBLEM :
      According to the documentation[0] a value of 0 for jdk.xml.maxXMLNameLimit should disable the limit. Instead, it is interpreted as a limit of 0 for namespace names, resulting in failure to parse XML that contains "xmlns" attributes (attached example).

      Note that the value of 0 is handled according to the documentation for other names, such as element or attribute names. I think the problem comes from this code[1] not handling values <=0 as special.

      [0] https://docs.oracle.com/javase/tutorial/jaxp/limits/limits.html
      [1] https://github.com/openjdk/jdk/blob/master/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/impl/XML11NSDocumentScannerImpl.java#L640

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1. Set jdk.xml.maxXMLNameLimit=0 via a system property
      2. Create an XML stream reader using XMLInputFactory.newInstance().createXMLStreamReader()
      3. Try to parse an element which includes "xmlns", such as "<foo xmlns='bar'/>"

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Parsing is successful
      ACTUAL -
      Parsing fails with:
      Message: JAXP00010005: The length of entity "bar" is "3" that exceeds the "0" limit set by "system property".
      at java.xml/com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.next(XMLStreamReaderImpl.java:652)
      at Test.parse(Test.java:23)
      at Test.main(Test.java:14)

      ---------- BEGIN SOURCE ----------
      import javax.xml.stream.*;
      import java.io.*;

      class Test
      {
          public static void main(String[] args)
                  throws Exception
          {
              String xml = "<foo xmlns='bar'/>";

              parse(xml); // Succeeds

              System.setProperty("jdk.xml.maxXMLNameLimit", "0");
              parse(xml); // Fails
          }

          private static void parse(String xml)
              throws Exception
          {
              InputStream is = new ByteArrayInputStream(xml.getBytes());
              XMLStreamReader reader = XMLInputFactory.newInstance().createXMLStreamReader(is);
              while (reader.hasNext())
                  reader.next();
              System.err.println("Parsed successfully");
          }
      }

      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Set maxXMLNameLimit to a large value instead

      Attachments

        Issue Links

          Activity

            People

              joehw Joe Wang
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: