1 /* 2 * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.org.apache.xalan.internal.utils; 27 28 import com.sun.org.apache.xalan.internal.XalanConstants; 29 import java.util.concurrent.CopyOnWriteArrayList; 30 import org.xml.sax.SAXException; 31 32 33 /** 34 * This class is not the same as that in Xerces. It is used to manage the 35 * state of corresponding Xerces properties and pass the values over to 36 * the Xerces Security Manager. 37 * 38 * @author Joe Wang Oracle Corp. 39 * 40 */ 41 public final class XMLSecurityManager { 42 43 /** 44 * States of the settings of a property, in the order: default value, value 45 * set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system 46 * properties, and jaxp api properties 47 */ 48 public static enum State { 49 //this order reflects the overriding order 50 51 DEFAULT("default"), FSP("FEATURE_SECURE_PROCESSING"), 52 JAXPDOTPROPERTIES("jaxp.properties"), SYSTEMPROPERTY("system property"), 53 APIPROPERTY("property"); 54 55 final String literal; 56 State(String literal) { 57 this.literal = literal; 58 } 59 60 String literal() { 61 return literal; 62 } 63 } 64 65 /** 66 * Limits managed by the security manager 67 */ 68 public static enum Limit { 69 70 ENTITY_EXPANSION_LIMIT("EntityExpansionLimit", XalanConstants.JDK_ENTITY_EXPANSION_LIMIT, 71 XalanConstants.SP_ENTITY_EXPANSION_LIMIT, 0, 64000), 72 MAX_OCCUR_NODE_LIMIT("MaxOccurLimit", XalanConstants.JDK_MAX_OCCUR_LIMIT, 73 XalanConstants.SP_MAX_OCCUR_LIMIT, 0, 5000), 74 ELEMENT_ATTRIBUTE_LIMIT("ElementAttributeLimit", XalanConstants.JDK_ELEMENT_ATTRIBUTE_LIMIT, 75 XalanConstants.SP_ELEMENT_ATTRIBUTE_LIMIT, 0, 10000), 76 TOTAL_ENTITY_SIZE_LIMIT("TotalEntitySizeLimit", XalanConstants.JDK_TOTAL_ENTITY_SIZE_LIMIT, 77 XalanConstants.SP_TOTAL_ENTITY_SIZE_LIMIT, 0, 50000000), 78 GENERAL_ENTITY_SIZE_LIMIT("MaxEntitySizeLimit", XalanConstants.JDK_GENERAL_ENTITY_SIZE_LIMIT, 79 XalanConstants.SP_GENERAL_ENTITY_SIZE_LIMIT, 0, 0), 80 PARAMETER_ENTITY_SIZE_LIMIT("MaxEntitySizeLimit", XalanConstants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, 81 XalanConstants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000), 82 MAX_ELEMENT_DEPTH_LIMIT("MaxElementDepthLimit", XalanConstants.JDK_MAX_ELEMENT_DEPTH, 83 XalanConstants.SP_MAX_ELEMENT_DEPTH, 0, 0), 84 MAX_NAME_LIMIT("MaxXMLNameLimit", XalanConstants.JDK_XML_NAME_LIMIT, 85 XalanConstants.SP_XML_NAME_LIMIT, 1000, 1000); 86 87 final String key; 88 final String apiProperty; 89 final String systemProperty; 90 final int defaultValue; 91 final int secureValue; 92 93 Limit(String key, String apiProperty, String systemProperty, int value, int secureValue) { 94 this.key = key; 95 this.apiProperty = apiProperty; 96 this.systemProperty = systemProperty; 97 this.defaultValue = value; 98 this.secureValue = secureValue; 99 } 100 101 public boolean equalsAPIPropertyName(String propertyName) { 102 return (propertyName == null) ? false : apiProperty.equals(propertyName); 103 } 104 105 public boolean equalsSystemPropertyName(String propertyName) { 106 return (propertyName == null) ? false : systemProperty.equals(propertyName); 107 } 108 109 public String key() { 110 return key; 111 } 112 113 public String apiProperty() { 114 return apiProperty; 115 } 116 117 String systemProperty() { 118 return systemProperty; 119 } 120 121 public int defaultValue() { 122 return defaultValue; 123 } 124 125 int secureValue() { 126 return secureValue; 127 } 128 } 129 130 /** 131 * Map old property names with the new ones 132 */ 133 public static enum NameMap { 134 135 ENTITY_EXPANSION_LIMIT(XalanConstants.SP_ENTITY_EXPANSION_LIMIT, 136 XalanConstants.ENTITY_EXPANSION_LIMIT), 137 MAX_OCCUR_NODE_LIMIT(XalanConstants.SP_MAX_OCCUR_LIMIT, 138 XalanConstants.MAX_OCCUR_LIMIT), 139 ELEMENT_ATTRIBUTE_LIMIT(XalanConstants.SP_ELEMENT_ATTRIBUTE_LIMIT, 140 XalanConstants.ELEMENT_ATTRIBUTE_LIMIT); 141 final String newName; 142 final String oldName; 143 144 NameMap(String newName, String oldName) { 145 this.newName = newName; 146 this.oldName = oldName; 147 } 148 149 String getOldName(String newName) { 150 if (newName.equals(this.newName)) { 151 return oldName; 152 } 153 return null; 154 } 155 } 156 /** 157 * Values of the properties 158 */ 159 private final int[] values; 160 /** 161 * States of the settings for each property 162 */ 163 private State[] states; 164 /** 165 * States that determine if properties are set explicitly 166 */ 167 private boolean[] isSet; 168 169 170 /** 171 * Index of the special entityCountInfo property 172 */ 173 private final int indexEntityCountInfo = 10000; 174 private String printEntityCountInfo = ""; 175 176 /** 177 * Default constructor. Establishes default values for known security 178 * vulnerabilities. 179 */ 180 public XMLSecurityManager() { 181 this(false); 182 } 183 184 /** 185 * Instantiate Security Manager in accordance with the status of 186 * secure processing 187 * @param secureProcessing 188 */ 189 public XMLSecurityManager(boolean secureProcessing) { 190 values = new int[Limit.values().length]; 191 states = new State[Limit.values().length]; 192 isSet = new boolean[Limit.values().length]; 193 for (Limit limit : Limit.values()) { 194 if (secureProcessing) { 195 values[limit.ordinal()] = limit.secureValue(); 196 states[limit.ordinal()] = State.FSP; 197 } else { 198 values[limit.ordinal()] = limit.defaultValue(); 199 states[limit.ordinal()] = State.DEFAULT; 200 } 201 } 202 //read system properties or jaxp.properties 203 readSystemProperties(); 204 } 205 206 /** 207 * Setting FEATURE_SECURE_PROCESSING explicitly 208 */ 209 public void setSecureProcessing(boolean secure) { 210 for (Limit limit : Limit.values()) { 211 if (secure) { 212 setLimit(limit.ordinal(), State.FSP, limit.secureValue()); 213 } else { 214 setLimit(limit.ordinal(), State.FSP, limit.defaultValue()); 215 } 216 } 217 } 218 219 /** 220 * Set limit by property name and state 221 * @param propertyName property name 222 * @param state the state of the property 223 * @param value the value of the property 224 * @return true if the property is managed by the security manager; false 225 * if otherwise. 226 */ 227 public boolean setLimit(String propertyName, State state, Object value) { 228 int index = getIndex(propertyName); 229 if (index > -1) { 230 setLimit(index, state, value); 231 return true; 232 } 233 return false; 234 } 235 236 /** 237 * Set the value for a specific limit. 238 * 239 * @param limit the limit 240 * @param state the state of the property 241 * @param value the value of the property 242 */ 243 public void setLimit(Limit limit, State state, int value) { 244 setLimit(limit.ordinal(), state, value); 245 } 246 247 /** 248 * Set the value of a property by its index 249 * 250 * @param index the index of the property 251 * @param state the state of the property 252 * @param value the value of the property 253 */ 254 public void setLimit(int index, State state, Object value) { 255 if (index == indexEntityCountInfo) { 256 //if it's explicitly set, it's treated as yes no matter the value 257 printEntityCountInfo = (String)value; 258 } else { 259 int temp = 0; 260 try { 261 temp = Integer.parseInt((String) value); 262 if (temp < 0) { 263 temp = 0; 264 } 265 } catch (NumberFormatException e) {} 266 setLimit(index, state, temp); } 267 } 268 269 /** 270 * Set the value of a property by its index 271 * 272 * @param index the index of the property 273 * @param state the state of the property 274 * @param value the value of the property 275 */ 276 public void setLimit(int index, State state, int value) { 277 if (index == indexEntityCountInfo) { 278 //if it's explicitly set, it's treated as yes no matter the value 279 printEntityCountInfo = XalanConstants.JDK_YES; 280 } else { 281 //only update if it shall override 282 if (state.compareTo(states[index]) >= 0) { 283 values[index] = value; 284 states[index] = state; 285 isSet[index] = true; 286 } 287 } 288 } 289 290 291 /** 292 * Return the value of the specified property. 293 * 294 * @param propertyName the property name 295 * @return the value of the property as a string. If a property is managed 296 * by this manager, its value shall not be null. 297 */ 298 public String getLimitAsString(String propertyName) { 299 int index = getIndex(propertyName); 300 if (index > -1) { 301 return getLimitValueByIndex(index); 302 } 303 304 return null; 305 } 306 307 /** 308 * Return the value of a property by its ordinal 309 * 310 * @param limit the property 311 * @return value of a property 312 */ 313 public String getLimitValueAsString(Limit limit) { 314 return Integer.toString(values[limit.ordinal()]); 315 } 316 317 /** 318 * Return the value of the specified property 319 * 320 * @param limit the property 321 * @return the value of the property 322 */ 323 public int getLimit(Limit limit) { 324 return values[limit.ordinal()]; 325 } 326 327 /** 328 * Return the value of a property by its ordinal 329 * 330 * @param index the index of a property 331 * @return value of a property 332 */ 333 public int getLimitByIndex(int index) { 334 return values[index]; 335 } 336 /** 337 * Return the value of a property by its index 338 * 339 * @param index the index of a property 340 * @return limit of a property as a string 341 */ 342 public String getLimitValueByIndex(int index) { 343 if (index == indexEntityCountInfo) { 344 return printEntityCountInfo; 345 } 346 347 return Integer.toString(values[index]); 348 } 349 /** 350 * Return the state of the limit property 351 * 352 * @param limit the limit 353 * @return the state of the limit property 354 */ 355 public State getState(Limit limit) { 356 return states[limit.ordinal()]; 357 } 358 359 /** 360 * Return the state of the limit property 361 * 362 * @param limit the limit 363 * @return the state of the limit property 364 */ 365 public String getStateLiteral(Limit limit) { 366 return states[limit.ordinal()].literal(); 367 } 368 369 /** 370 * Get the index by property name 371 * 372 * @param propertyName property name 373 * @return the index of the property if found; return -1 if not 374 */ 375 public int getIndex(String propertyName) { 376 for (Limit limit : Limit.values()) { 377 if (limit.equalsAPIPropertyName(propertyName)) { 378 //internally, ordinal is used as index 379 return limit.ordinal(); 380 } 381 } 382 //special property to return entity count info 383 if (propertyName.equals(XalanConstants.JDK_ENTITY_COUNT_INFO)) { 384 return indexEntityCountInfo; 385 } 386 return -1; 387 } 388 389 /** 390 * Indicate if a property is set explicitly 391 * @param index 392 * @return 393 */ 394 public boolean isSet(int index) { 395 return isSet[index]; 396 } 397 398 public boolean printEntityCountInfo() { 399 return printEntityCountInfo.equals(XalanConstants.JDK_YES); 400 } 401 /** 402 * Read from system properties, or those in jaxp.properties 403 */ 404 private void readSystemProperties() { 405 406 for (Limit limit : Limit.values()) { 407 if (!getSystemProperty(limit, limit.systemProperty())) { 408 //if system property is not found, try the older form if any 409 for (NameMap nameMap : NameMap.values()) { 410 String oldName = nameMap.getOldName(limit.systemProperty()); 411 if (oldName != null) { 412 getSystemProperty(limit, oldName); 413 } 414 } 415 } 416 } 417 418 } 419 420 // Array list to store printed warnings for each SAX parser used 421 private static final CopyOnWriteArrayList<String> printedWarnings = new CopyOnWriteArrayList<>(); 422 423 /** 424 * Prints out warnings if a parser does not support the specified feature/property. 425 * 426 * @param parserClassName the name of the parser class 427 * @param propertyName the property name 428 * @param exception the exception thrown by the parser 429 */ 430 public static void printWarning(String parserClassName, String propertyName, SAXException exception) { 431 String key = parserClassName+":"+propertyName; 432 if (printedWarnings.addIfAbsent(key)) { 433 System.err.println( "Warning: "+parserClassName+": "+exception.getMessage()); 434 } 435 } 436 437 /** 438 * Read from system properties, or those in jaxp.properties 439 * 440 * @param property the type of the property 441 * @param sysPropertyName the name of system property 442 */ 443 private boolean getSystemProperty(Limit limit, String sysPropertyName) { 444 try { 445 String value = SecuritySupport.getSystemProperty(sysPropertyName); 446 if (value != null && !value.equals("")) { 447 values[limit.ordinal()] = Integer.parseInt(value); 448 states[limit.ordinal()] = State.SYSTEMPROPERTY; 449 return true; 450 } 451 452 value = SecuritySupport.readJAXPProperty(sysPropertyName); 453 if (value != null && !value.equals("")) { 454 values[limit.ordinal()] = Integer.parseInt(value); 455 states[limit.ordinal()] = State.JAXPDOTPROPERTIES; 456 return true; 457 } 458 } catch (NumberFormatException e) { 459 //invalid setting 460 throw new NumberFormatException("Invalid setting for system property: " + limit.systemProperty()); 461 } 462 return false; 463 } 464 } --- EOF ---