8144593: Suppress not recognized property/feature warning messages from SAXParser

Reviewed-by: joehw
This commit is contained in:
Aleksei Efimov 2016-02-04 18:31:11 +03:00
parent 7f0667866d
commit 6df6c45593
11 changed files with 429 additions and 23 deletions
jaxp
src/java.xml/share/classes/com/sun/org/apache
xalan/internal
xerces/internal
xml/internal/utils
test/javax/xml/jaxp/unittest/common

@ -26,6 +26,8 @@
package com.sun.org.apache.xalan.internal.utils;
import com.sun.org.apache.xalan.internal.XalanConstants;
import java.util.concurrent.CopyOnWriteArrayList;
import org.xml.sax.SAXException;
/**
@ -415,6 +417,23 @@ public final class XMLSecurityManager {
}
// Array list to store printed warnings for each SAX parser used
private static final CopyOnWriteArrayList<String> printedWarnings = new CopyOnWriteArrayList<>();
/**
* Prints out warnings if a parser does not support the specified feature/property.
*
* @param parserClassName the name of the parser class
* @param propertyName the property name
* @param exception the exception thrown by the parser
*/
public static void printWarning(String parserClassName, String propertyName, SAXException exception) {
String key = parserClassName+":"+propertyName;
if (printedWarnings.addIfAbsent(key)) {
System.err.println( "Warning: "+parserClassName+": "+exception.getMessage());
}
}
/**
* Read from system properties, or those in jaxp.properties
*

@ -489,18 +489,20 @@ public class Parser implements Constants, ContentHandler {
}
final XMLReader reader = parser.getXMLReader();
String lastProperty = "";
try {
XMLSecurityManager securityManager =
(XMLSecurityManager)_xsltc.getProperty(XalanConstants.SECURITY_MANAGER);
for (XMLSecurityManager.Limit limit : XMLSecurityManager.Limit.values()) {
reader.setProperty(limit.apiProperty(), securityManager.getLimitValueAsString(limit));
lastProperty = limit.apiProperty();
reader.setProperty(lastProperty, securityManager.getLimitValueAsString(limit));
}
if (securityManager.printEntityCountInfo()) {
lastProperty = XalanConstants.JDK_ENTITY_COUNT_INFO;
parser.setProperty(XalanConstants.JDK_ENTITY_COUNT_INFO, XalanConstants.JDK_YES);
}
} catch (SAXException se) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ se.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(), lastProperty, se);
}
return(parse(reader, input));

@ -29,7 +29,6 @@ import java.io.Reader;
import javax.xml.XMLConstants;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import javax.xml.stream.XMLEventReader;
@ -39,7 +38,6 @@ import javax.xml.transform.Source;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.sax.SAXSource;
import javax.xml.transform.stax.StAXResult;
import javax.xml.transform.stax.StAXSource;
import javax.xml.transform.stream.StreamSource;
@ -111,8 +109,8 @@ public final class Util {
reader.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING,
xsltc.isSecureProcessing());
} catch (SAXNotRecognizedException e) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ e.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(),
XMLConstants.FEATURE_SECURE_PROCESSING, e);
}
} catch (Exception e ) {
try {
@ -149,25 +147,27 @@ public final class Util {
reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
xsltc.getProperty(XMLConstants.ACCESS_EXTERNAL_DTD));
} catch (SAXNotRecognizedException e) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ e.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(),
XMLConstants.ACCESS_EXTERNAL_DTD, e);
}
String lastProperty = "";
try {
XMLSecurityManager securityManager =
(XMLSecurityManager)xsltc.getProperty(XalanConstants.SECURITY_MANAGER);
if (securityManager != null) {
for (XMLSecurityManager.Limit limit : XMLSecurityManager.Limit.values()) {
reader.setProperty(limit.apiProperty(),
lastProperty = limit.apiProperty();
reader.setProperty(lastProperty,
securityManager.getLimitValueAsString(limit));
}
if (securityManager.printEntityCountInfo()) {
lastProperty = XalanConstants.JDK_ENTITY_COUNT_INFO;
reader.setProperty(XalanConstants.JDK_ENTITY_COUNT_INFO, XalanConstants.JDK_YES);
}
}
} catch (SAXException se) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ se.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(), lastProperty, se);
}
xsltc.setXMLReader(reader);
}catch (SAXNotRecognizedException snre ) {

@ -2249,8 +2249,8 @@ public class XSDHandler {
try {
parser.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, fAccessExternalDTD);
} catch (SAXNotRecognizedException exc) {
System.err.println("Warning: " + parser.getClass().getName() + ": " +
exc.getMessage());
XMLSecurityManager.printWarning(parser.getClass().getName(),
XMLConstants.ACCESS_EXTERNAL_DTD, exc);
}
}
// If XML names and Namespace URIs are already internalized we

@ -697,8 +697,8 @@ final class ValidatorHandlerImpl extends ValidatorHandler implements
reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD));
} catch (SAXException exc) {
System.err.println("Warning: " + reader.getClass().getName() + ": " +
exc.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(),
XMLConstants.ACCESS_EXTERNAL_DTD, exc);
}
}
} catch( Exception e ) {

@ -27,6 +27,8 @@ package com.sun.org.apache.xerces.internal.utils;
import com.sun.org.apache.xerces.internal.impl.Constants;
import com.sun.org.apache.xerces.internal.util.SecurityManager;
import java.util.concurrent.CopyOnWriteArrayList;
import org.xml.sax.SAXException;
/**
* This class manages standard and implementation-specific limitations.
@ -496,6 +498,23 @@ public final class XMLSecurityManager {
}
// Array list to store printed warnings for each SAX parser used
private static final CopyOnWriteArrayList<String> printedWarnings = new CopyOnWriteArrayList<>();
/**
* Prints out warnings if a parser does not support the specified feature/property.
*
* @param parserClassName the name of the parser class
* @param propertyName the property name
* @param exception the exception thrown by the parser
*/
public static void printWarning(String parserClassName, String propertyName, SAXException exception) {
String key = parserClassName+":"+propertyName;
if (printedWarnings.addIfAbsent(key)) {
System.err.println( "Warning: "+parserClassName+": "+exception.getMessage());
}
}
/**
* Read from system properties, or those in jaxp.properties
*

@ -128,8 +128,8 @@ public class XMLReaderManager {
try {
reader.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, _secureProcessing);
} catch (SAXNotRecognizedException e) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ e.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(),
XMLConstants.FEATURE_SECURE_PROCESSING, e);
}
} catch (Exception e) {
try {
@ -172,23 +172,25 @@ public class XMLReaderManager {
//reader is cached, but this property might have been reset
reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, _accessExternalDTD);
} catch (SAXException se) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ se.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(),
XMLConstants.ACCESS_EXTERNAL_DTD, se);
}
String lastProperty = "";
try {
if (_xmlSecurityManager != null) {
for (XMLSecurityManager.Limit limit : XMLSecurityManager.Limit.values()) {
reader.setProperty(limit.apiProperty(),
lastProperty = limit.apiProperty();
reader.setProperty(lastProperty,
_xmlSecurityManager.getLimitValueAsString(limit));
}
if (_xmlSecurityManager.printEntityCountInfo()) {
lastProperty = XalanConstants.JDK_ENTITY_COUNT_INFO;
reader.setProperty(XalanConstants.JDK_ENTITY_COUNT_INFO, XalanConstants.JDK_YES);
}
}
} catch (SAXException se) {
System.err.println("Warning: " + reader.getClass().getName() + ": "
+ se.getMessage());
XMLSecurityManager.printWarning(reader.getClass().getName(), lastProperty, se);
}
return reader;

@ -0,0 +1,58 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package common;
import com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl;
import javax.xml.XMLConstants;
import org.xml.sax.SAXNotRecognizedException;
import org.xml.sax.SAXNotSupportedException;
/*
* Test implementation of SAXParser. It is extended from JDK parser and two methods
* are overriden to disable support of specific features and properties.
* This class is used in ValidationWarningsTest and TransformationWarningsTest
* to generate multiple warnings during xml validation and transformation processes.
*/
public class TestSAXDriver extends SAXParserImpl.JAXPSAXParser {
@Override
public synchronized void setFeature(String name, boolean value) throws SAXNotRecognizedException, SAXNotSupportedException {
if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) {
throw new SAXNotRecognizedException(name+" feature is not recognised by test SAX parser intentionally.");
} else {
super.setFeature(name, value);
}
}
@Override
public synchronized void setProperty(String name, Object value) throws SAXNotRecognizedException, SAXNotSupportedException {
if (XMLConstants.ACCESS_EXTERNAL_DTD.equals(name) || ENT_EXP_LIMIT_PROP.equals(name)) {
throw new SAXNotRecognizedException(name+" property is not recognised by test SAX parser intentionally.");
} else {
super.setProperty(name, value);
}
}
private static final String ENT_EXP_LIMIT_PROP = "http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit";
}

@ -0,0 +1,93 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package common;
import java.io.StringReader;
import java.io.StringWriter;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
import org.testng.annotations.Test;
import org.testng.annotations.BeforeClass;
/*
* @test
* @modules javax.xml/com.sun.org.apache.xerces.internal.jaxp
* @bug 8144593
* @summary Check that warnings about unsupported properties from parsers
* are suppressed during the transformation process.
*/
public class TransformationWarningsTest extends WarningsTestBase {
@BeforeClass
public void setup() {
//Set test SAX driver implementation.
System.setProperty("org.xml.sax.driver", "common.TestSAXDriver");
}
@Test
public void testTransformation() throws Exception {
startTest();
}
//One iteration of xml transformation test case. It will be called from each
//TestWorker task defined in WarningsTestBase class.
void doOneTestIteration() throws Exception {
// Prepare output stream
StringWriter xmlResultString = new StringWriter();
StreamResult xmlResultStream = new StreamResult(xmlResultString);
// Prepare xml source stream
Source src = new StreamSource(new StringReader(xml));
Transformer t = createTransformer();
//Transform the xml
t.transform(src, xmlResultStream);
}
//Create transformer from xsl test string
Transformer createTransformer() throws Exception {
// Prepare sources for transormation
Source xslsrc = new StreamSource(new StringReader(xsl));
// Create factory and transformer
TransformerFactory tf = TransformerFactory.newInstance();
Transformer t = tf.newTransformer(xslsrc);
// Set URI Resolver to return the newly constructed xml
// stream source object from xml test string
t.setURIResolver((String href, String base) -> new StreamSource(new StringReader(xml)));
return t;
}
//Xsl and Xml contents used in the transformation test
private static final String xsl = "<xsl:stylesheet version='2.0'"
+ " xmlns:xsl='http://www.w3.org/1999/XSL/Transform'>"
+ " <xsl:output method='xml' indent='yes' omit-xml-declaration='yes'/>"
+ " <xsl:template match='/'>"
+ " <test>Simple Transformation Result. No warnings should be printed to console</test>"
+ " </xsl:template>"
+ "</xsl:stylesheet>";
private static final String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><root></root>";
}

@ -0,0 +1,77 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package common;
import java.io.ByteArrayInputStream;
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.transform.Source;
import javax.xml.transform.sax.SAXSource;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import org.testng.annotations.Test;
import org.testng.annotations.BeforeClass;
import org.xml.sax.InputSource;
/*
* @test
* @modules javax.xml/com.sun.org.apache.xerces.internal.jaxp
* @bug 8144593
* @summary Check that warnings about unsupported properties from SAX
* parsers are suppressed during the xml validation process.
*/
public class ValidationWarningsTest extends WarningsTestBase {
@BeforeClass
public void setup() {
//Set test SAX driver implementation.
System.setProperty("org.xml.sax.driver", "common.TestSAXDriver");
}
@Test
public void testValidation() throws Exception {
startTest();
}
//One iteration of xml validation test case. It will be called from each
//TestWorker task defined in WarningsTestBase class.
void doOneTestIteration() throws Exception {
Source src = new StreamSource(new StringReader(xml));
SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
SAXSource xsdSource = new SAXSource(new InputSource(new ByteArrayInputStream(xsd.getBytes())));
Schema schema = schemaFactory.newSchema(xsdSource);
Validator v = schema.newValidator();
v.validate(src);
}
//Xsd and Xml contents used in the validation test
private static final String xsd = "<?xml version='1.0'?>"
+ " <xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema'>"
+ " <xs:element name='test' type='xs:string'/>\n"
+ " </xs:schema>";
private static final String xml = "<?xml version='1.0'?><test>Element</test>";
}

@ -0,0 +1,136 @@
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package common;
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.util.concurrent.CyclicBarrier;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.xml.XMLConstants;
import org.testng.Assert;
/*
* This class helps to test suppression of unsupported parser properties
* messages printed to standard error output.
* It launches THREADS_COUNT tasks. Each task does ITERATIONS_PER_THREAD
* sequential calls to doOneIteration method implemented by specific test class.
*/
public abstract class WarningsTestBase {
/*
* Abstract method that should be implemented by test class.
* It is repeatedly called by each TestWorker task.
*/
abstract void doOneTestIteration() throws Exception;
/*
* Launches parallel test tasks and check the output for the number of
* generated warning messages. There should be no more than one message of
* each type.
*/
void startTest() throws Exception {
//Save standard error stream
PrintStream defStdErr = System.err;
//Set new byte array stream as standard error stream
ByteArrayOutputStream byteStream = new ByteArrayOutputStream(5000);
System.setErr(new PrintStream(byteStream));
//Execute multiple TestWorker tasks
for (int id = 0; id < THREADS_COUNT; id++) {
EXECUTOR.execute(new TestWorker(id));
}
//Initiate shutdown of previously submitted task
EXECUTOR.shutdown();
//Wait for termination of submitted tasks
if (!EXECUTOR.awaitTermination(THREADS_COUNT, TimeUnit.SECONDS)) {
//If not all tasks terminates during the time out force them to shutdown
EXECUTOR.shutdownNow();
}
//Restore default standard error stream
System.setErr(defStdErr);
//Print tasks stderr output
String errContent = byteStream.toString();
System.out.println("Standard error output content:");
System.out.println(errContent);
//Check tasks stderr output for quatity of warning messages
Assert.assertTrue(warningPrintedOnce(XMLConstants.ACCESS_EXTERNAL_DTD, errContent));
Assert.assertTrue(warningPrintedOnce(ENT_EXP_PROPERTY, errContent));
Assert.assertTrue(warningPrintedOnce(XMLConstants.FEATURE_SECURE_PROCESSING, errContent));
}
// Count occurences of warning messages in standard error and check if warning is printed
// not more than once
private boolean warningPrintedOnce(String propertyName, String testOutput) {
//Count for property name in test output
Pattern p = Pattern.compile(propertyName);
Matcher m = p.matcher(testOutput);
int count = 0;
while (m.find()) {
count += 1;
}
System.out.println("'" + propertyName + "' print count: " + count);
//If count is more than 1 then consider test failed
return count <= 1;
}
//TestWorker task that sequentially calls test method
private class TestWorker implements Runnable {
// Task id
private final int id;
TestWorker(int id) {
this.id = id;
}
@Override
public void run() {
try {
System.out.printf("%d: waiting for barrier%n", id);
//Synchronize startup of all tasks
BARRIER.await();
System.out.printf("%d: starting iterations%n", id);
//Call test method multiple times
for (int i = 0; i < ITERATIONS_PER_THREAD; i++) {
doOneTestIteration();
}
} catch (Exception ex) {
throw new RuntimeException("TestWorker id:" + id + " failed", ex);
}
}
}
//Entity expansion limit property name
private static final String ENT_EXP_PROPERTY = "http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit";
//Number of simultaneous test threads
private static final int THREADS_COUNT = 10;
//Number of iterations per one thread
private static final int ITERATIONS_PER_THREAD = 4;
//Test thread pool
private static final ExecutorService EXECUTOR = Executors.newCachedThreadPool();
//Cyclic barrier for threads startup synchronisation
private static final CyclicBarrier BARRIER = new CyclicBarrier(THREADS_COUNT);
}