Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/jdk17u
 Path: blob/master/src/java.xml/share/classes/jdk/xml/internal/XMLLimitAnalyzer.java
67862 views
1
/*

2
 * Copyright (c) 2013, 2022, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25
package jdk.xml.internal;

26


27
import java.util.Formatter;

28
import java.util.HashMap;

29
import java.util.Map;

30
import jdk.xml.internal.XMLSecurityManager.Limit;

31


32


33
/**

34
 * A helper for analyzing entity expansion limits

35
 *

36
 */

37
public final class XMLLimitAnalyzer {

38


39
    /**

40
     * Map old property names with the new ones

41
     */

42
    public static enum NameMap {

43
        ENTITY_EXPANSION_LIMIT(JdkConstants.SP_ENTITY_EXPANSION_LIMIT, JdkConstants.ENTITY_EXPANSION_LIMIT),

44
        MAX_OCCUR_NODE_LIMIT(JdkConstants.SP_MAX_OCCUR_LIMIT, JdkConstants.MAX_OCCUR_LIMIT),

45
        ELEMENT_ATTRIBUTE_LIMIT(JdkConstants.SP_ELEMENT_ATTRIBUTE_LIMIT, JdkConstants.ELEMENT_ATTRIBUTE_LIMIT);

46


47
        final String newName;

48
        final String oldName;

49


50
        NameMap(String newName, String oldName) {

51
            this.newName = newName;

52
            this.oldName = oldName;

53
        }

54


55
        String getOldName(String newName) {

56
            if (newName.equals(this.newName)) {

57
                return oldName;

58
            }

59
            return null;

60
        }

61
    }

62


63
    /**

64
     * Max value accumulated for each property

65
     */

66
    private final int[] values;

67
    /**

68
     * Names of the entities corresponding to their max values

69
     */

70
    private final String[] names;

71
    /**

72
     * Total value of accumulated entities

73
     */

74
    private final int[] totalValue;

75


76
    /**

77
     * Maintain values of the top 10 elements in the process of parsing

78
     */

79
    private final Map<String, Integer>[] caches;

80


81
    private String entityStart, entityEnd;

82
    /**

83
     * Default constructor. Establishes default values for known security

84
     * vulnerabilities.

85
     */

86
    @SuppressWarnings({"rawtypes", "unchecked"})

87
    public XMLLimitAnalyzer() {

88
        values = new int[Limit.values().length];

89
        totalValue = new int[Limit.values().length];

90
        names = new String[Limit.values().length];

91
        caches = new Map[Limit.values().length];

92
    }

93


94
    /**

95
     * Add the value to the current max count for the specified property

96
     * To find the max value of all entities, set no limit

97
     *

98
     * @param limit the type of the property

99
     * @param entityName the name of the entity

100
     * @param value the value of the entity

101
     */

102
    public void addValue(Limit limit, String entityName, int value) {

103
        addValue(limit.ordinal(), entityName, value);

104
    }

105


106
    /**

107
     * Add the value to the current count by the index of the property

108
     * @param index the index of the property

109
     * @param entityName the name of the entity

110
     * @param value the value of the entity

111
     */

112
    public void addValue(int index, String entityName, int value) {

113
        if (index == Limit.ENTITY_EXPANSION_LIMIT.ordinal() ||

114
                index == Limit.MAX_OCCUR_NODE_LIMIT.ordinal() ||

115
                index == Limit.ELEMENT_ATTRIBUTE_LIMIT.ordinal() ||

116
                index == Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal() ||

117
                index == Limit.ENTITY_REPLACEMENT_LIMIT.ordinal()

118
                ) {

119
            totalValue[index] += value;

120
            return;

121
        }

122
        if (index == Limit.MAX_ELEMENT_DEPTH_LIMIT.ordinal() ||

123
                index == Limit.MAX_NAME_LIMIT.ordinal()) {

124
            values[index] = value;

125
            totalValue[index] = value;

126
            return;

127
        }

128


129
        Map<String, Integer> cache;

130
        if (caches[index] == null) {

131
            cache = new HashMap<>(10);

132
            caches[index] = cache;

133
        } else {

134
            cache = caches[index];

135
        }

136


137
        int accumulatedValue = value;

138
        if (cache.containsKey(entityName)) {

139
            accumulatedValue += cache.get(entityName);

140
            cache.put(entityName, accumulatedValue);

141
        } else {

142
            cache.put(entityName, value);

143
        }

144


145
        if (accumulatedValue > values[index]) {

146
            values[index] = accumulatedValue;

147
            names[index] = entityName;

148
        }

149


150


151
        if (index == Limit.GENERAL_ENTITY_SIZE_LIMIT.ordinal() ||

152
                index == Limit.PARAMETER_ENTITY_SIZE_LIMIT.ordinal()) {

153
            totalValue[Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal()] += value;

154
        }

155
    }

156


157
    /**

158
     * Return the value of the current max count for the specified property

159
     *

160
     * @param limit the property

161
     * @return the value of the property

162
     */

163
    public int getValue(Limit limit) {

164
        return getValue(limit.ordinal());

165
    }

166


167
    public int getValue(int index) {

168
        if (index == Limit.ENTITY_REPLACEMENT_LIMIT.ordinal()) {

169
            return totalValue[index];

170
        }

171
        return values[index];

172
    }

173
    /**

174
     * Return the total value accumulated so far

175
     *

176
     * @param limit the property

177
     * @return the accumulated value of the property

178
     */

179
    public int getTotalValue(Limit limit) {

180
        return totalValue[limit.ordinal()];

181
    }

182


183
    public int getTotalValue(int index) {

184
        return totalValue[index];

185
    }

186
    /**

187
     * Return the current max value (count or length) by the index of a property

188
     * @param index the index of a property

189
     * @return count of a property

190
     */

191
    public int getValueByIndex(int index) {

192
        return values[index];

193
    }

194


195
    public void startEntity(String name) {

196
        entityStart = name;

197
    }

198


199
    public boolean isTracking(String name) {

200
        if (entityStart == null) {

201
            return false;

202
        }

203
        return entityStart.equals(name);

204
    }

205
    /**

206
     * Stop tracking the entity

207
     * @param limit the limit property

208
     * @param name the name of an entity

209
     */

210
    public void endEntity(Limit limit, String name) {

211
        entityStart = "";

212
        Map<String, Integer> cache = caches[limit.ordinal()];

213
        if (cache != null) {

214
            cache.remove(name);

215
        }

216
    }

217


218
    /**

219
     * Resets the current value of the specified limit.

220
     * @param limit The limit to be reset.

221
     */

222
    public void reset(Limit limit) {

223
        if (limit.ordinal() == Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal()) {

224
            totalValue[limit.ordinal()] = 0;

225
        } else if (limit.ordinal() == Limit.GENERAL_ENTITY_SIZE_LIMIT.ordinal()) {

226
            names[limit.ordinal()] = null;

227
            values[limit.ordinal()] = 0;

228
            caches[limit.ordinal()] = null;

229
            totalValue[limit.ordinal()] = 0;

230
        }

231
    }

232


233
    public void debugPrint(XMLSecurityManager securityManager) {

234
        Formatter formatter = new Formatter();

235
        System.out.println(formatter.format("%30s %15s %15s %15s %30s",

236
                "Property","Limit","Total size","Size","Entity Name"));

237


238
        for (Limit limit : Limit.values()) {

239
            formatter = new Formatter();

240
            System.out.println(formatter.format("%30s %15d %15d %15d %30s",

241
                    limit.name(),

242
                    securityManager.getLimit(limit),

243
                    totalValue[limit.ordinal()],

244
                    values[limit.ordinal()],

245
                    names[limit.ordinal()]));

246
        }

247
    }

248
}

249


250