xerces-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ne...@apache.org
Subject cvs commit: xml-xerces/c/src/xercesc/parsers AbstractDOMParser.hpp AbstractDOMParser.cpp SAXParser.hpp SAXParser.cpp DOMBuilderImpl.cpp SAX2XMLReaderImpl.hpp SAX2XMLReaderImpl.cpp
Date Thu, 17 Apr 2003 21:58:51 GMT
neilg       2003/04/17 14:58:51

  Modified:    c/src/xercesc/util Makefile.in XMLUni.hpp XMLUni.cpp
               c/src/xercesc/parsers AbstractDOMParser.hpp
                        AbstractDOMParser.cpp SAXParser.hpp SAXParser.cpp
                        DOMBuilderImpl.cpp SAX2XMLReaderImpl.hpp
                        SAX2XMLReaderImpl.cpp
  Added:       c/src/xercesc/util SecurityManager.hpp
  Log:
  Adding a new property,
  http://apache.org/xml/properties/security-manager, with
  appropriate getSecurityManager/setSecurityManager methods on DOM
  and SAX parsers.  Also adding a new SecurityManager class.
  
  The purpose of these modifications is to permit applications a
  means to have the parser reject documents whose processing would
  otherwise consume large amounts of system resources.  Malicious
  use of such documents could be used to launch a denial-of-service
  attack against a system running the parser.  Initially, the
  SecurityManager only knows about attacks that can result from
  exponential entity expansion; this is the only known attack that
  involves processing a single XML document.  Other, simlar attacks
  can be launched if arbitrary schemas may be parsed; there already
  exist means (via use of the EntityResolver interface) by which
  applications can deny processing of untrusted schemas.  In future,
  the SecurityManager will be expanded to take these other exploits
  into account.
  
  Revision  Changes    Path
  1.31      +7 -1      xml-xerces/c/src/xercesc/util/Makefile.in
  
  Index: Makefile.in
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/util/Makefile.in,v
  retrieving revision 1.30
  retrieving revision 1.31
  diff -u -r1.30 -r1.31
  --- Makefile.in	18 Mar 2003 21:06:38 -0000	1.30
  +++ Makefile.in	17 Apr 2003 21:58:49 -0000	1.31
  @@ -1,7 +1,7 @@
   #
   # The Apache Software License, Version 1.1
   #
  -# Copyright (c) 1999-2002 The Apache Software Foundation.  All rights
  +# Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
   # reserved.
   #
   # Redistribution and use in source and binary forms, with or without
  @@ -55,6 +55,28 @@
   #
   #
   # $Log$
  +# Revision 1.31  2003/04/17 21:58:49  neilg
  +# Adding a new property,
  +# http://apache.org/xml/properties/security-manager, with
  +# appropriate getSecurityManager/setSecurityManager methods on DOM
  +# and SAX parsers.  Also adding a new SecurityManager class.
  +#
  +# The purpose of these modifications is to permit applications a
  +# means to have the parser reject documents whose processing would
  +# otherwise consume large amounts of system resources.  Malicious
  +# use of such documents could be used to launch a denial-of-service
  +# attack against a system running the parser.  Initially, the
  +# SecurityManager only knows about attacks that can result from
  +# exponential entity expansion; this is the only known attack that
  +# involves processing a single XML document.  Other, simlar attacks
  +# can be launched if arbitrary schemas may be parsed; there already
  +# exist means (via use of the EntityResolver interface) by which
  +# applications can deny processing of untrusted schemas.  In future,
  +# the SecurityManager will be expanded to take these other exploits
  +# into account.
  +#
  +# Add SecurityManager 
  +# 
   # Revision 1.30  2003/03/18 21:06:38  peiyongz
   # Build versioned shared library, libXercesMessages on UNIX
   #
  @@ -475,6 +497,7 @@
       RefVectorOf.hpp \
       RuntimeException.hpp \
       SchemaDateTimeException.hpp \
  +    SecurityManager.hpp \
       StringPool.hpp \
       TranscodingException.hpp \
       TransENameMap.hpp \
  
  
  
  1.27      +3 -2      xml-xerces/c/src/xercesc/util/XMLUni.hpp
  
  Index: XMLUni.hpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/util/XMLUni.hpp,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- XMLUni.hpp	28 Jan 2003 18:33:23 -0000	1.26
  +++ XMLUni.hpp	17 Apr 2003 21:58:50 -0000	1.27
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2002 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -242,6 +242,7 @@
       static const XMLCh fgXercesSchemaFullChecking[];
       static const XMLCh fgXercesSchemaExternalSchemaLocation[];
       static const XMLCh fgXercesSchemaExternalNoNameSpaceSchemaLocation[];
  +    static const XMLCh fgXercesSecurityManager[];
       static const XMLCh fgXercesLoadExternalDTD[];
       static const XMLCh fgXercesContinueAfterFatalError[];
       static const XMLCh fgXercesValidationErrorAsFatal[];
  
  
  
  1.30      +17 -2     xml-xerces/c/src/xercesc/util/XMLUni.cpp
  
  Index: XMLUni.cpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/util/XMLUni.cpp,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- XMLUni.cpp	28 Jan 2003 18:33:23 -0000	1.29
  +++ XMLUni.cpp	17 Apr 2003 21:58:50 -0000	1.30
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2002 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -1080,6 +1080,21 @@
       ,   chLatin_t, chLatin_e, chLatin_r, chLatin_n, chLatin_a, chLatin_l, chDash
       ,   chLatin_s, chLatin_c, chLatin_h, chLatin_e, chLatin_m, chLatin_a, chLatin_L
       ,   chLatin_o, chLatin_c, chLatin_a, chLatin_t, chLatin_i, chLatin_o, chLatin_n, chNull
  +};
  +
  +//Property
  +//Xerces: http://apache.org/xml/properties/security-manager
  +const XMLCh XMLUni::fgXercesSecurityManager[] =
  +{
  +        chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash
  +    ,   chForwardSlash, chLatin_a, chLatin_p, chLatin_a, chLatin_c, chLatin_h
  +    ,   chLatin_e, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash
  +    ,   chLatin_x, chLatin_m, chLatin_l, chForwardSlash, chLatin_p, chLatin_r
  +    ,   chLatin_o, chLatin_p, chLatin_e, chLatin_r, chLatin_t, chLatin_i
  +    ,   chLatin_e, chLatin_s, chForwardSlash, chLatin_s, chLatin_e, chLatin_c
  +    ,   chLatin_u, chLatin_r, chLatin_i, chLatin_t, chLatin_y, chDash
  +    ,   chLatin_m, chLatin_a, chLatin_n, chLatin_a, chLatin_g, chLatin_e, chLatin_r
  +    ,   chNull
   };
   
   //Property
  
  
  
  1.1                  xml-xerces/c/src/xercesc/util/SecurityManager.hpp
  
  Index: SecurityManager.hpp
  ===================================================================
  /*
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 2003 The Apache Software Foundation.  All rights
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution,
   *    if any, must include the following acknowledgment:
   *       "This product includes software developed by the
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowledgment may appear in the software itself,
   *    if and wherever such third-party acknowledgments normally appear.
   *
   * 4. The names "Xerces" and "Apache Software Foundation" must
   *    not be used to endorse or promote products derived from this
   *    software without prior written permission. For written
   *    permission, please contact apache\@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache",
   *    nor may "Apache" appear in their name, without prior written
   *    permission of the Apache Software Foundation.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation, and was
   * originally based on software copyright (c) 1999, International
   * Business Machines, Inc., http://www.ibm.com .  For more information
   * on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   */
  
  /*
   * $Log: SecurityManager.hpp,v $
   * Revision 1.1  2003/04/17 21:58:49  neilg
   * Adding a new property,
   * http://apache.org/xml/properties/security-manager, with
   * appropriate getSecurityManager/setSecurityManager methods on DOM
   * and SAX parsers.  Also adding a new SecurityManager class.
   *
   * The purpose of these modifications is to permit applications a
   * means to have the parser reject documents whose processing would
   * otherwise consume large amounts of system resources.  Malicious
   * use of such documents could be used to launch a denial-of-service
   * attack against a system running the parser.  Initially, the
   * SecurityManager only knows about attacks that can result from
   * exponential entity expansion; this is the only known attack that
   * involves processing a single XML document.  Other, simlar attacks
   * can be launched if arbitrary schemas may be parsed; there already
   * exist means (via use of the EntityResolver interface) by which
   * applications can deny processing of untrusted schemas.  In future,
   * the SecurityManager will be expanded to take these other exploits
   * into account.
   *
   * Initial checkin of SecurityManager
   *
   * $Id: SecurityManager.hpp,v 1.1 2003/04/17 21:58:49 neilg Exp $
   *
   */
  
  #ifndef SECURITYMANAGER_HPP
  #define SECURITYMANAGER_HPP
  
  #include <xercesc/util/XercesDefs.hpp>
  
  XERCES_CPP_NAMESPACE_BEGIN
  
  /**
    * Allow application to force the parser to behave in a security-conscious
    * way.
    *
    * <p> There are cases in which an XML- or XmL-schema-
    * conformant processor can be presented with documents the
    * processing of which can involve the consumption of
    * prohibitive amounts of system resources.  Applications can
    * attach instances of this class to parsers that they've
    * created, via the
    * http://apache.org/xml/properties/security-manager property.  
    * </p>
    *
    * <p> Defaults will be provided for all known security holes.
    * Setter methods will be provided on this class to ensure that
    * an application can customize each limit as it chooses.
    * Components that are vulnerable to any given hole need to be
    * written to act appropriately when an instance of this class
    * has been set on the calling parser.
    * </p>
    */
  
  class XMLUTIL_EXPORT SecurityManager
  {
  public:
  
      static const unsigned int ENTITY_EXPANSION_LIMIT = 50000;
  
      /** @name default Constructors */
      //@{
      /** Default constructor */
      SecurityManager()
      {
          fEntityExpansionLimit = ENTITY_EXPANSION_LIMIT; 
      }
  
      /** Destructor */
      virtual ~SecurityManager(){};   
      //@}
  
      /** @name The Security Manager */
      //@{
     /**
      * An application should call this method when it wishes to specify a particular
      * limit to the number of entity expansions the parser will permit in a
      * particular document.  The default behaviour should allow the parser
      * to validate nearly all XML non-malicious XML documents; if an
      * application knows that it is operating in a domain where entities are
      * uncommon, for instance, it may wish to provide a limit lower than the
      * parser's default.
      *
      * @param newLimit  the new entity expansion limit
      *
      */
      virtual void setEntityExpansionLimit(unsigned int newLimit) 
      {
          fEntityExpansionLimit = newLimit;
      }
  
     /**
      * Permits the application or a parser component to query the current
      * limit for entity expansions.
      *
      * @return   the current setting of the entity expansion limit
      *
      */
      virtual unsigned int getEntityExpansionLimit() const
      { 
          return fEntityExpansionLimit;
      }
      //@}
  
  protected:
      unsigned int fEntityExpansionLimit;
  
  private:
  
      /* Unimplemented Constructors and operators */
      /* Copy constructor */
      SecurityManager(const SecurityManager&);
      
      /** Assignment operator */
      SecurityManager& operator=(const SecurityManager&);
  };
  
  XERCES_CPP_NAMESPACE_END
  
  #endif
  
  
  
  1.17      +37 -2     xml-xerces/c/src/xercesc/parsers/AbstractDOMParser.hpp
  
  Index: AbstractDOMParser.hpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/AbstractDOMParser.hpp,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- AbstractDOMParser.hpp	3 Jan 2003 20:09:36 -0000	1.16
  +++ AbstractDOMParser.hpp	17 Apr 2003 21:58:50 -0000	1.17
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 2002 The Apache Software Foundation.  All rights
  + * Copyright (c) 2002, 2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -65,6 +65,7 @@
   #include <xercesc/framework/XMLDocumentHandler.hpp>
   #include <xercesc/framework/XMLErrorReporter.hpp>
   #include <xercesc/framework/XMLEntityHandler.hpp>
  +#include <xercesc/util/SecurityManager.hpp>
   #include <xercesc/util/ValueStackOf.hpp>
   #include <xercesc/validators/DTD/DocTypeHandler.hpp>
   #include <xercesc/dom/DOMDocumentType.hpp>
  @@ -339,6 +340,23 @@
         */
       XMLCh* getExternalNoNamespaceSchemaLocation() const;
   
  +   /** Get the SecurityManager instance attached to this parser.
  +      *
  +      * This method returns the security manager 
  +      * that was specified using setSecurityManager.
  +      *
  +      * The SecurityManager instance must have been specified by the application; 
  +      * this should not be deleted until after the parser has been deleted (or
  +      * a new SecurityManager instance has been supplied to the parser).
  +      * 
  +      * @return a pointer to the SecurityManager instance 
  +      *         specified externally.  A null pointer is returned if nothing
  +      *         was specified externally.
  +      *
  +      * @see #setSecurityManager(const SecurityManager* const)
  +      */
  +    SecurityManager* getSecurityManager() const;
  +
       /** Get the 'Loading External DTD' flag
         *
         * This method returns the state of the parser's loading external DTD
  @@ -605,6 +623,23 @@
         * @see #setExternalNoNamespaceSchemaLocation(const XMLCh* const)
         */
       void setExternalNoNamespaceSchemaLocation(const char* const noNamespaceSchemaLocation);
  +
  +    /**
  +      * This allows an application to set a SecurityManager on
  +      * the parser; this object stores information that various
  +      * components use to limit their consumption of system
  +      * resources while processing documents.
  +      *
  +      * If this method is called more than once, only the last one takes effect.
  +      * It may not be reset during a parse.
  +      *
  +      *
  +      * @param securityManager  the SecurityManager instance to
  +      * be used by this parser
  +      *
  +      * @see #getSecurityManager
  +      */
  +    void setSecurityManager(SecurityManager* const securityManager);
   
       /** Set the 'Loading External DTD' flag
         *
  
  
  
  1.38      +17 -2     xml-xerces/c/src/xercesc/parsers/AbstractDOMParser.cpp
  
  Index: AbstractDOMParser.cpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/AbstractDOMParser.cpp,v
  retrieving revision 1.37
  retrieving revision 1.38
  diff -u -r1.37 -r1.38
  --- AbstractDOMParser.cpp	4 Feb 2003 19:33:40 -0000	1.37
  +++ AbstractDOMParser.cpp	17 Apr 2003 21:58:50 -0000	1.38
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 2002 The Apache Software Foundation.  All rights
  + * Copyright (c) 2002,2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -298,6 +298,11 @@
       return fScanner->getExternalNoNamespaceSchemaLocation();
   }
   
  +SecurityManager* AbstractDOMParser::getSecurityManager() const
  +{
  +    return fScanner->getSecurityManager();
  +}
  +
   bool AbstractDOMParser::getLoadExternalDTD() const
   {
       return fScanner->getLoadExternalDTD();
  @@ -368,6 +373,16 @@
   void AbstractDOMParser::setExternalNoNamespaceSchemaLocation(const char* const noNamespaceSchemaLocation)
   {
       fScanner->setExternalNoNamespaceSchemaLocation(noNamespaceSchemaLocation);
  +}
  +
  +void AbstractDOMParser::setSecurityManager(SecurityManager* const securityManager)
  +{
  +    // since this could impact various components, don't permit it to change
  +    // during a parse
  +    if (fParseInProgress)
  +        ThrowXML(IOException, XMLExcepts::Gen_ParseInProgress);
  +
  +    fScanner->setSecurityManager(securityManager);
   }
   
   void AbstractDOMParser::setLoadExternalDTD(const bool newState)
  
  
  
  1.22      +41 -1     xml-xerces/c/src/xercesc/parsers/SAXParser.hpp
  
  Index: SAXParser.hpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/SAXParser.hpp,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- SAXParser.hpp	7 Mar 2003 18:09:17 -0000	1.21
  +++ SAXParser.hpp	17 Apr 2003 21:58:50 -0000	1.22
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2001 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -56,6 +56,28 @@
   
   /*
    * $Log$
  + * Revision 1.22  2003/04/17 21:58:50  neilg
  + * Adding a new property,
  + * http://apache.org/xml/properties/security-manager, with
  + * appropriate getSecurityManager/setSecurityManager methods on DOM
  + * and SAX parsers.  Also adding a new SecurityManager class.
  + *
  + * The purpose of these modifications is to permit applications a
  + * means to have the parser reject documents whose processing would
  + * otherwise consume large amounts of system resources.  Malicious
  + * use of such documents could be used to launch a denial-of-service
  + * attack against a system running the parser.  Initially, the
  + * SecurityManager only knows about attacks that can result from
  + * exponential entity expansion; this is the only known attack that
  + * involves processing a single XML document.  Other, simlar attacks
  + * can be launched if arbitrary schemas may be parsed; there already
  + * exist means (via use of the EntityResolver interface) by which
  + * applications can deny processing of untrusted schemas.  In future,
  + * the SecurityManager will be expanded to take these other exploits
  + * into account.
  + *
  + * Add support for the SecurityManager
  + * 
    * Revision 1.21  2003/03/07 18:09:17  tng
    * Return a reference instead of void for operator=
    *
  @@ -211,6 +233,7 @@
   #include <xercesc/framework/XMLEntityHandler.hpp>
   #include <xercesc/framework/XMLErrorReporter.hpp>
   #include <xercesc/framework/XMLBuffer.hpp>
  +#include <xercesc/util/SecurityManager.hpp>
   #include <xercesc/validators/DTD/DocTypeHandler.hpp>
   
   XERCES_CPP_NAMESPACE_BEGIN
  @@ -464,6 +487,23 @@
         */
       XMLCh* getExternalNoNamespaceSchemaLocation() const;
   
  +   /** Get the SecurityManager instance attached to this parser.
  +      *
  +      * This method returns the security manager 
  +      * that was specified using setSecurityManager.
  +      *
  +      * The SecurityManager instance must have been specified by the application; 
  +      * this should not be deleted until after the parser has been deleted (or
  +      * a new SecurityManager instance has been supplied to the parser).
  +      * 
  +      * @return a pointer to the SecurityManager instance 
  +      *         specified externally.  A null pointer is returned if nothing
  +      *         was specified externally.
  +      *
  +      * @see #setSecurityManager(const SecurityManager* const)
  +      */
  +    SecurityManager* getSecurityManager() const;
  +
       /** Get the 'Loading External DTD' flag
         *
         * This method returns the state of the parser's loading external DTD
  @@ -728,6 +768,23 @@
         * @see #setExternalNoNamespaceSchemaLocation(const XMLCh* const)
         */
       void setExternalNoNamespaceSchemaLocation(const char* const noNamespaceSchemaLocation);
  +
  +    /**
  +      * This allows an application to set a SecurityManager on
  +      * the parser; this object stores information that various
  +      * components use to limit their consumption of system
  +      * resources while processing documents.
  +      *
  +      * If this method is called more than once, only the last one takes effect.
  +      * It may not be reset during a parse.
  +      *
  +      *
  +      * @param securityManager  the SecurityManager instance to
  +      * be used by this parser
  +      *
  +      * @see #getSecurityManager
  +      */
  +    void setSecurityManager(SecurityManager* const securityManager);
   
       /** Set the 'Loading External DTD' flag
         *
  
  
  
  1.16      +21 -1     xml-xerces/c/src/xercesc/parsers/SAXParser.cpp
  
  Index: SAXParser.cpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/SAXParser.cpp,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- SAXParser.cpp	4 Feb 2003 19:27:43 -0000	1.15
  +++ SAXParser.cpp	17 Apr 2003 21:58:50 -0000	1.16
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2001 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -56,6 +56,28 @@
   
   /*
    * $Log$
  + * Revision 1.16  2003/04/17 21:58:50  neilg
  + * Adding a new property,
  + * http://apache.org/xml/properties/security-manager, with
  + * appropriate getSecurityManager/setSecurityManager methods on DOM
  + * and SAX parsers.  Also adding a new SecurityManager class.
  + *
  + * The purpose of these modifications is to permit applications a
  + * means to have the parser reject documents whose processing would
  + * otherwise consume large amounts of system resources.  Malicious
  + * use of such documents could be used to launch a denial-of-service
  + * attack against a system running the parser.  Initially, the
  + * SecurityManager only knows about attacks that can result from
  + * exponential entity expansion; this is the only known attack that
  + * involves processing a single XML document.  Other, simlar attacks
  + * can be launched if arbitrary schemas may be parsed; there already
  + * exist means (via use of the EntityResolver interface) by which
  + * applications can deny processing of untrusted schemas.  In future,
  + * the SecurityManager will be expanded to take these other exploits
  + * into account.
  + *
  + * add security manager
  + * 
    * Revision 1.15  2003/02/04 19:27:43  knoaman
    * Performance: use global buffer to eliminate repetitive memory creation/deletion.
    *
  @@ -436,6 +458,11 @@
       return fScanner->getExternalNoNamespaceSchemaLocation();
   }
   
  +SecurityManager* SAXParser::getSecurityManager() const
  +{
  +    return fScanner->getSecurityManager();
  +}
  +
   bool SAXParser::getLoadExternalDTD() const
   {
       return fScanner->getLoadExternalDTD();
  @@ -538,6 +565,16 @@
   void SAXParser::setExternalNoNamespaceSchemaLocation(const char* const noNamespaceSchemaLocation)
   {
       fScanner->setExternalNoNamespaceSchemaLocation(noNamespaceSchemaLocation);
  +}
  +
  +void SAXParser::setSecurityManager(SecurityManager* const securityManager)
  +{
  +    // since this could impact various components, don't permit it to change
  +    // during a parse
  +    if (fParseInProgress)
  +        ThrowXML(IOException, XMLExcepts::Gen_ParseInProgress);
  +
  +    fScanner->setSecurityManager(securityManager);
   }
   
   void SAXParser::setLoadExternalDTD(const bool newState)
  
  
  
  1.22      +8 -2      xml-xerces/c/src/xercesc/parsers/DOMBuilderImpl.cpp
  
  Index: DOMBuilderImpl.cpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/DOMBuilderImpl.cpp,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- DOMBuilderImpl.cpp	23 Jan 2003 19:19:50 -0000	1.21
  +++ DOMBuilderImpl.cpp	17 Apr 2003 21:58:50 -0000	1.22
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 2002 The Apache Software Foundation.  All rights
  + * Copyright (c) 2002, 2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -389,6 +389,10 @@
   	{
   		setExternalNoNamespaceSchemaLocation((XMLCh*)value);
   	}
  +	else if (XMLString::compareIString(name, XMLUni::fgXercesSecurityManager) == 0)
  +	{
  +		setSecurityManager((SecurityManager*)value);
  +	}
       else if (XMLString::equals(name, XMLUni::fgXercesScannerName))
       {
           AbstractDOMParser::useScanner((const XMLCh*) value);
  @@ -404,6 +408,8 @@
           return (void*)getExternalSchemaLocation();
       else if (XMLString::compareIString(name, XMLUni::fgXercesSchemaExternalNoNameSpaceSchemaLocation)
== 0)
           return (void*)getExternalNoNamespaceSchemaLocation();
  +    else if (XMLString::compareIString(name, XMLUni::fgXercesSecurityManager) == 0)
  +        return (void*)getSecurityManager();
       else
           throw DOMException(DOMException::NOT_FOUND_ERR, 0);
       return 0;
  
  
  
  1.19      +7 -1      xml-xerces/c/src/xercesc/parsers/SAX2XMLReaderImpl.hpp
  
  Index: SAX2XMLReaderImpl.hpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/SAX2XMLReaderImpl.hpp,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- SAX2XMLReaderImpl.hpp	7 Mar 2003 18:09:16 -0000	1.18
  +++ SAX2XMLReaderImpl.hpp	17 Apr 2003 21:58:50 -0000	1.19
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2001 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -56,6 +56,28 @@
   
   /*
    * $Log$
  + * Revision 1.19  2003/04/17 21:58:50  neilg
  + * Adding a new property,
  + * http://apache.org/xml/properties/security-manager, with
  + * appropriate getSecurityManager/setSecurityManager methods on DOM
  + * and SAX parsers.  Also adding a new SecurityManager class.
  + *
  + * The purpose of these modifications is to permit applications a
  + * means to have the parser reject documents whose processing would
  + * otherwise consume large amounts of system resources.  Malicious
  + * use of such documents could be used to launch a denial-of-service
  + * attack against a system running the parser.  Initially, the
  + * SecurityManager only knows about attacks that can result from
  + * exponential entity expansion; this is the only known attack that
  + * involves processing a single XML document.  Other, simlar attacks
  + * can be launched if arbitrary schemas may be parsed; there already
  + * exist means (via use of the EntityResolver interface) by which
  + * applications can deny processing of untrusted schemas.  In future,
  + * the SecurityManager will be expanded to take these other exploits
  + * into account.
  + *
  + * Adding SecurityManager support
  + * 
    * Revision 1.18  2003/03/07 18:09:16  tng
    * Return a reference instead of void for operator=
    *
  @@ -203,6 +225,7 @@
   #include <xercesc/internal/VecAttributesImpl.hpp>
   #include <xercesc/sax2/SAX2XMLReader.hpp>
   #include <xercesc/util/RefStackOf.hpp>
  +#include <xercesc/util/SecurityManager.hpp>
   #include <xercesc/util/ValueStackOf.hpp>
   #include <xercesc/framework/XMLBufferMgr.hpp>
   
  
  
  
  1.17      +12 -1     xml-xerces/c/src/xercesc/parsers/SAX2XMLReaderImpl.cpp
  
  Index: SAX2XMLReaderImpl.cpp
  ===================================================================
  RCS file: /home/cvs/xml-xerces/c/src/xercesc/parsers/SAX2XMLReaderImpl.cpp,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- SAX2XMLReaderImpl.cpp	3 Jan 2003 20:09:36 -0000	1.16
  +++ SAX2XMLReaderImpl.cpp	17 Apr 2003 21:58:50 -0000	1.17
  @@ -1,7 +1,7 @@
   /*
    * The Apache Software License, Version 1.1
    *
  - * Copyright (c) 1999-2001 The Apache Software Foundation.  All rights
  + * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
    * reserved.
    *
    * Redistribution and use in source and binary forms, with or without
  @@ -56,6 +56,28 @@
   
   /*
    * $Log$
  + * Revision 1.17  2003/04/17 21:58:50  neilg
  + * Adding a new property,
  + * http://apache.org/xml/properties/security-manager, with
  + * appropriate getSecurityManager/setSecurityManager methods on DOM
  + * and SAX parsers.  Also adding a new SecurityManager class.
  + *
  + * The purpose of these modifications is to permit applications a
  + * means to have the parser reject documents whose processing would
  + * otherwise consume large amounts of system resources.  Malicious
  + * use of such documents could be used to launch a denial-of-service
  + * attack against a system running the parser.  Initially, the
  + * SecurityManager only knows about attacks that can result from
  + * exponential entity expansion; this is the only known attack that
  + * involves processing a single XML document.  Other, simlar attacks
  + * can be launched if arbitrary schemas may be parsed; there already
  + * exist means (via use of the EntityResolver interface) by which
  + * applications can deny processing of untrusted schemas.  In future,
  + * the SecurityManager will be expanded to take these other exploits
  + * into account.
  + *
  + * Adding SecurityManager support
  + * 
    * Revision 1.16  2003/01/03 20:09:36  tng
    * New feature StandardUriConformant to force strict standard uri conformance.
    *
  @@ -1494,6 +1516,10 @@
   	{
   		fScanner->setExternalNoNamespaceSchemaLocation((XMLCh*)value);
   	}
  +	else if (XMLString::compareIString(name, XMLUni::fgXercesSecurityManager) == 0)
  +	{
  +		fScanner->setSecurityManager((SecurityManager*)value);
  +	}
       else if (XMLString::equals(name, XMLUni::fgXercesScannerName))
       {
           XMLScanner* tempScanner = XMLScannerResolver::resolveScanner((const XMLCh*) value,
fValidator);
  @@ -1518,6 +1544,8 @@
           return (void*)fScanner->getExternalSchemaLocation();
       else if (XMLString::compareIString(name, XMLUni::fgXercesSchemaExternalNoNameSpaceSchemaLocation)
== 0)
           return (void*)fScanner->getExternalNoNamespaceSchemaLocation();
  +    else if (XMLString::compareIString(name, XMLUni::fgXercesSecurityManager) == 0)
  +        return (void*)fScanner->getSecurityManager();
       else if (XMLString::equals(name, XMLUni::fgXercesScannerName))
           return (void*)fScanner->getName();
       else
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: xerces-cvs-unsubscribe@xml.apache.org
For additional commands, e-mail: xerces-cvs-help@xml.apache.org


Mime
View raw message