| /* |
| * reserved comment block |
| * DO NOT REMOVE OR ALTER! |
| */ |
| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package com.sun.org.apache.xerces.internal.util; |
| import com.sun.org.apache.xerces.internal.impl.Constants; |
| /** |
| * This class is a container for parser settings that relate to |
| * security, or more specifically, it is intended to be used to prevent denial-of-service |
| * attacks from being launched against a system running Xerces. |
| * Any component that is aware of a denial-of-service attack that can arise |
| * from its processing of a certain kind of document may query its Component Manager |
| * for the property (http://apache.org/xml/properties/security-manager) |
| * whose value will be an instance of this class. |
| * If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) |
| * manner. If a value has been set, then it must be the case that the component in |
| * question needs to know what method of this class to query. This class |
| * will provide defaults for all known security issues, but will also provide |
| * setters so that those values can be tailored by applications that care. |
| * |
| * @author Neil Graham, IBM |
| * |
| */ |
| public final class SecurityManager { |
| |
| // |
| // Constants |
| // |
| |
| // default value for entity expansion limit |
| private final static int DEFAULT_ENTITY_EXPANSION_LIMIT = 64000; |
| |
| /** Default value of number of nodes created. **/ |
| private final static int DEFAULT_MAX_OCCUR_NODE_LIMIT = 5000; |
| |
| // |
| // Data |
| // |
| |
| private final static int DEFAULT_ELEMENT_ATTRIBUTE_LIMIT = 10000; |
| |
| /** Entity expansion limit. **/ |
| private int entityExpansionLimit; |
| |
| /** W3C XML Schema maxOccurs limit. **/ |
| private int maxOccurLimit; |
| |
| private int fElementAttributeLimit; |
| // default constructor. Establishes default values for |
| // all known security holes. |
| /** |
| * Default constructor. Establishes default values |
| * for known security vulnerabilities. |
| */ |
| public SecurityManager() { |
| entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; |
| maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ; |
| fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; |
| //We are reading system properties only once , |
| //at the time of creation of this object , |
| readSystemProperties(); |
| } |
| |
| /** |
| * <p>Sets the number of entity expansions that the |
| * parser should permit in a document.</p> |
| * |
| * @param limit the number of entity expansions |
| * permitted in a document |
| */ |
| public void setEntityExpansionLimit(int limit) { |
| entityExpansionLimit = limit; |
| } |
| |
| /** |
| * <p>Returns the number of entity expansions |
| * that the parser permits in a document.</p> |
| * |
| * @return the number of entity expansions |
| * permitted in a document |
| */ |
| public int getEntityExpansionLimit() { |
| return entityExpansionLimit; |
| } |
| |
| /** |
| * <p>Sets the limit of the number of content model nodes |
| * that may be created when building a grammar for a W3C |
| * XML Schema that contains maxOccurs attributes with values |
| * other than "unbounded".</p> |
| * |
| * @param limit the maximum value for maxOccurs other |
| * than "unbounded" |
| */ |
| public void setMaxOccurNodeLimit(int limit){ |
| maxOccurLimit = limit; |
| } |
| |
| /** |
| * <p>Returns the limit of the number of content model nodes |
| * that may be created when building a grammar for a W3C |
| * XML Schema that contains maxOccurs attributes with values |
| * other than "unbounded".</p> |
| * |
| * @return the maximum value for maxOccurs other |
| * than "unbounded" |
| */ |
| public int getMaxOccurNodeLimit(){ |
| return maxOccurLimit; |
| } |
| |
| public int getElementAttrLimit(){ |
| return fElementAttributeLimit; |
| } |
| |
| public void setElementAttrLimit(int limit){ |
| fElementAttributeLimit = limit; |
| } |
| |
| private void readSystemProperties(){ |
| |
| try { |
| String value = System.getProperty(Constants.ENTITY_EXPANSION_LIMIT); |
| if(value != null && !value.equals("")){ |
| entityExpansionLimit = Integer.parseInt(value); |
| if (entityExpansionLimit < 0) |
| entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; |
| } |
| else |
| entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; |
| }catch(Exception ex){} |
| |
| try { |
| String value = System.getProperty(Constants.MAX_OCCUR_LIMIT); |
| if(value != null && !value.equals("")){ |
| maxOccurLimit = Integer.parseInt(value); |
| if (maxOccurLimit < 0) |
| maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT; |
| } |
| else |
| maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT; |
| }catch(Exception ex){} |
| |
| try { |
| String value = System.getProperty(Constants.ELEMENT_ATTRIBUTE_LIMIT); |
| if(value != null && !value.equals("")){ |
| fElementAttributeLimit = Integer.parseInt(value); |
| if ( fElementAttributeLimit < 0) |
| fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; |
| } |
| else |
| fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT; |
| |
| }catch(Exception ex){} |
| |
| } |
| |
| } // class SecurityManager |