src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/parser/XMLParserImpl.java - platform/libcore - Git at Google

 /*
  * reserved comment block
  * DO NOT REMOVE OR ALTER!
  */
 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package com.sun.org.apache.xml.internal.security.parser;

 import java.io.IOException;
 import java.io.InputStream;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.Collections;
 import java.util.Map;
 import java.util.Queue;
 import java.util.WeakHashMap;
 import java.util.concurrent.ArrayBlockingQueue;

 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;

 import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
 import org.w3c.dom.Document;
 import org.xml.sax.SAXException;

 /**
  * A default implementation of XMLParser that uses two pools of DocumentBuilders.
  */
 public class XMLParserImpl implements XMLParser {

     @SuppressWarnings("removal")
     private static int parserPoolSize =
             AccessController.doPrivileged(
                     (PrivilegedAction<Integer>) () -> Integer.getInteger("com.sun.org.apache.xml.internal.security.parser.pool-size", 20));

     private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS =
             Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

     private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS_DISALLOW_DOCTYPE =
             Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

     @Override
     public Document parse(InputStream inputStream, boolean disallowDocTypeDeclarations) throws XMLParserException {
         try {
             ClassLoader loader = getContextClassLoader();
             if (loader == null) {
                 loader = getClassLoader(XMLUtils.class);
             }
             // If the ClassLoader is null then just create a DocumentBuilder and use it
             if (loader == null) {
                 DocumentBuilder documentBuilder = createDocumentBuilder(disallowDocTypeDeclarations);
                 return documentBuilder.parse(inputStream);
             }

             Queue<DocumentBuilder> queue = getDocumentBuilderQueue(disallowDocTypeDeclarations, loader);
             DocumentBuilder documentBuilder = getDocumentBuilder(disallowDocTypeDeclarations, queue);
             Document doc = documentBuilder.parse(inputStream);
             repoolDocumentBuilder(documentBuilder, queue);
             return doc;
         } catch (ParserConfigurationException | SAXException | IOException ex) {
             throw new XMLParserException(ex, "empty", new Object[] {"Error parsing the inputstream"});
         }
     }

     private static Queue<DocumentBuilder> getDocumentBuilderQueue(boolean disallowDocTypeDeclarations, ClassLoader loader) throws ParserConfigurationException {
         Map<ClassLoader, Queue<DocumentBuilder>> docBuilderCache =
                 disallowDocTypeDeclarations ? DOCUMENT_BUILDERS_DISALLOW_DOCTYPE : DOCUMENT_BUILDERS;
         Queue<DocumentBuilder> queue = docBuilderCache.get(loader);
         if (queue == null) {
             queue = new ArrayBlockingQueue<>(parserPoolSize);
             docBuilderCache.put(loader, queue);
         }

         return queue;
     }

     private static DocumentBuilder getDocumentBuilder(boolean disallowDocTypeDeclarations, Queue<DocumentBuilder> queue) throws ParserConfigurationException {
         DocumentBuilder db = queue.poll();
         if (db == null) {
             db = createDocumentBuilder(disallowDocTypeDeclarations);
         }
         return db;
     }

     private static DocumentBuilder createDocumentBuilder(boolean disallowDocTypeDeclarations) throws ParserConfigurationException {
         DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
         f.setNamespaceAware(true);
         f.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
         f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", disallowDocTypeDeclarations);
         return f.newDocumentBuilder();
     }

     private static void repoolDocumentBuilder(DocumentBuilder db, Queue<DocumentBuilder> queue) {
         if (queue != null) {
             db.reset();
             queue.offer(db);
         }
     }

     @SuppressWarnings("removal")
     private static ClassLoader getContextClassLoader() {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
             return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
                 public ClassLoader run() {
                     return Thread.currentThread().getContextClassLoader();
                 }
             });
         }
         return Thread.currentThread().getContextClassLoader();
     }

     @SuppressWarnings("removal")
     private static ClassLoader getClassLoader(final Class<?> clazz) {
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
             return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
                 public ClassLoader run() {
                     return clazz.getClassLoader();
                 }
             });
         }
         return clazz.getClassLoader();
     }
 }
	/*
	* reserved comment block
	* DO NOT REMOVE OR ALTER!
	*/
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package com.sun.org.apache.xml.internal.security.parser;

	import java.io.IOException;
	import java.io.InputStream;
	import java.security.AccessController;
	import java.security.PrivilegedAction;
	import java.util.Collections;
	import java.util.Map;
	import java.util.Queue;
	import java.util.WeakHashMap;
	import java.util.concurrent.ArrayBlockingQueue;

	import javax.xml.parsers.DocumentBuilder;
	import javax.xml.parsers.DocumentBuilderFactory;
	import javax.xml.parsers.ParserConfigurationException;

	import com.sun.org.apache.xml.internal.security.utils.XMLUtils;
	import org.w3c.dom.Document;
	import org.xml.sax.SAXException;

	/**
	* A default implementation of XMLParser that uses two pools of DocumentBuilders.
	*/
	public class XMLParserImpl implements XMLParser {

	@SuppressWarnings("removal")
	private static int parserPoolSize =
	AccessController.doPrivileged(
	(PrivilegedAction<Integer>) () -> Integer.getInteger("com.sun.org.apache.xml.internal.security.parser.pool-size", 20));

	private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS =
	Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

	private static final Map<ClassLoader, Queue<DocumentBuilder>> DOCUMENT_BUILDERS_DISALLOW_DOCTYPE =
	Collections.synchronizedMap(new WeakHashMap<ClassLoader, Queue<DocumentBuilder>>());

	@Override
	public Document parse(InputStream inputStream, boolean disallowDocTypeDeclarations) throws XMLParserException {
	try {
	ClassLoader loader = getContextClassLoader();
	if (loader == null) {
	loader = getClassLoader(XMLUtils.class);
	}
	// If the ClassLoader is null then just create a DocumentBuilder and use it
	if (loader == null) {
	DocumentBuilder documentBuilder = createDocumentBuilder(disallowDocTypeDeclarations);
	return documentBuilder.parse(inputStream);
	}

	Queue<DocumentBuilder> queue = getDocumentBuilderQueue(disallowDocTypeDeclarations, loader);
	DocumentBuilder documentBuilder = getDocumentBuilder(disallowDocTypeDeclarations, queue);
	Document doc = documentBuilder.parse(inputStream);
	repoolDocumentBuilder(documentBuilder, queue);
	return doc;
	} catch (ParserConfigurationException \| SAXException \| IOException ex) {
	throw new XMLParserException(ex, "empty", new Object[] {"Error parsing the inputstream"});
	}
	}

	private static Queue<DocumentBuilder> getDocumentBuilderQueue(boolean disallowDocTypeDeclarations, ClassLoader loader) throws ParserConfigurationException {
	Map<ClassLoader, Queue<DocumentBuilder>> docBuilderCache =
	disallowDocTypeDeclarations ? DOCUMENT_BUILDERS_DISALLOW_DOCTYPE : DOCUMENT_BUILDERS;
	Queue<DocumentBuilder> queue = docBuilderCache.get(loader);
	if (queue == null) {
	queue = new ArrayBlockingQueue<>(parserPoolSize);
	docBuilderCache.put(loader, queue);
	}

	return queue;
	}

	private static DocumentBuilder getDocumentBuilder(boolean disallowDocTypeDeclarations, Queue<DocumentBuilder> queue) throws ParserConfigurationException {
	DocumentBuilder db = queue.poll();
	if (db == null) {
	db = createDocumentBuilder(disallowDocTypeDeclarations);
	}
	return db;
	}

	private static DocumentBuilder createDocumentBuilder(boolean disallowDocTypeDeclarations) throws ParserConfigurationException {
	DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
	f.setNamespaceAware(true);
	f.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
	f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", disallowDocTypeDeclarations);
	return f.newDocumentBuilder();
	}

	private static void repoolDocumentBuilder(DocumentBuilder db, Queue<DocumentBuilder> queue) {
	if (queue != null) {
	db.reset();
	queue.offer(db);
	}
	}

	@SuppressWarnings("removal")
	private static ClassLoader getContextClassLoader() {
	final SecurityManager sm = System.getSecurityManager();
	if (sm != null) {
	return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
	public ClassLoader run() {
	return Thread.currentThread().getContextClassLoader();
	}
	});
	}
	return Thread.currentThread().getContextClassLoader();
	}

	@SuppressWarnings("removal")
	private static ClassLoader getClassLoader(final Class<?> clazz) {
	final SecurityManager sm = System.getSecurityManager();
	if (sm != null) {
	return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
	public ClassLoader run() {
	return clazz.getClassLoader();
	}
	});
	}
	return clazz.getClassLoader();
	}
	}