1 /*
2 * Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved.
3 */
4 /*
5 * Licensed to the Apache Software Foundation (ASF) under one or more
6 * contributor license agreements. See the NOTICE file distributed with
7 * this work for additional information regarding copyright ownership.
8 * The ASF licenses this file to You under the Apache License, Version 2.0
9 * (the "License"); you may not use this file except in compliance with
10 * the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20 /*
21 * $Id: TemplatesImpl.java,v 1.8 2007/03/26 20:12:27 spericas Exp $
22 */
23
24 package com.sun.org.apache.xalan.internal.xsltc.trax;
25
26 import com.sun.org.apache.xalan.internal.XalanConstants;
27 import com.sun.org.apache.xalan.internal.utils.ObjectFactory;
28 import com.sun.org.apache.xalan.internal.utils.SecuritySupport;
29 import com.sun.org.apache.xalan.internal.xsltc.DOM;
30 import com.sun.org.apache.xalan.internal.xsltc.Translet;
31 import com.sun.org.apache.xalan.internal.xsltc.compiler.Constants;
32 import com.sun.org.apache.xalan.internal.xsltc.compiler.util.ErrorMsg;
33 import com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet;
34 import java.io.IOException;
35 import java.io.UncheckedIOException;
36 import java.io.NotSerializableException;
37 import java.io.ObjectInputStream;
38 import java.io.ObjectOutputStream;
39 import java.io.ObjectStreamField;
40 import java.io.Serializable;
41 import java.lang.module.Configuration;
42 import java.lang.module.ModuleDescriptor;
43 import java.lang.module.ModuleFinder;
44 import java.lang.module.ModuleReference;
45 import java.lang.reflect.Layer;
46 import java.lang.reflect.Module;
47 import java.security.AccessController;
48 import java.security.PrivilegedAction;
49 import java.util.Arrays;
50 import java.util.HashMap;
51 import java.util.Map;
52 import java.util.Optional;
53 import java.util.Properties;
54 import java.util.Set;
55 import javax.xml.XMLConstants;
56 import javax.xml.transform.Templates;
57 import javax.xml.transform.Transformer;
58 import javax.xml.transform.TransformerConfigurationException;
59 import javax.xml.transform.URIResolver;
60
61
62 /**
63 * @author Morten Jorgensen
64 * @author G. Todd Millerj
65 * @author Jochen Cordes <Jochen.Cordes@t-online.de>
66 * @author Santiago Pericas-Geertsen
67 */
68 public final class TemplatesImpl implements Templates, Serializable {
69 static final long serialVersionUID = 673094361519270707L;
70 public final static String DESERIALIZE_TRANSLET = "jdk.xml.enableTemplatesImplDeserialization";
71
72 /**
73 * Name of the superclass of all translets. This is needed to
74 * determine which, among all classes comprising a translet,
75 * is the main one.
76 */
77 private static String ABSTRACT_TRANSLET
78 = "com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet";
79
80 /**
81 * Name of the main class or default name if unknown.
82 */
83 private String _name = null;
84
85 /**
86 * Contains the actual class definition for the translet class and
87 * any auxiliary classes.
88 */
89 private byte[][] _bytecodes = null;
90
91 /**
92 * Contains the translet class definition(s). These are created when
93 * this Templates is created or when it is read back from disk.
94 */
95 private Class[] _class = null;
96
97 /**
98 * The index of the main translet class in the arrays _class[] and
99 * _bytecodes.
100 */
101 private int _transletIndex = -1;
102
103 /**
104 * Contains the list of auxiliary class definitions.
105 */
106 private transient Map<String, Class<?>> _auxClasses = null;
107
108 /**
109 * Output properties of this translet.
110 */
111 private Properties _outputProperties;
112
113 /**
114 * Number of spaces to add for output indentation.
115 */
116 private int _indentNumber;
117
118 /**
119 * This URIResolver is passed to all Transformers.
120 * Declaring it transient to fix bug 22438
121 */
122 private transient URIResolver _uriResolver = null;
123
124 /**
125 * Cache the DTM for the stylesheet in a thread local variable,
126 * which is used by the document('') function.
127 * Use ThreadLocal because a DTM cannot be shared between
128 * multiple threads.
129 * Declaring it transient to fix bug 22438
130 */
131 private transient ThreadLocal _sdom = new ThreadLocal();
132
133 /**
134 * A reference to the transformer factory that this templates
135 * object belongs to.
136 */
137 private transient TransformerFactoryImpl _tfactory = null;
138
139 /**
140 * A flag to determine whether the Service Mechanism is used
141 */
142 private transient boolean _useServicesMechanism;
143
144 /**
145 * protocols allowed for external references set by the stylesheet processing instruction, Import and Include element.
146 */
147 private transient String _accessExternalStylesheet = XalanConstants.EXTERNAL_ACCESS_DEFAULT;
148
149 /**
150 * @serialField _name String The Name of the main class
151 * @serialField _bytecodes byte[][] Class definition
152 * @serialField _class Class[] The translet class definition(s).
153 * @serialField _transletIndex int The index of the main translet class
154 * @serialField _outputProperties Properties Output properties of this translet.
155 * @serialField _indentNumber int Number of spaces to add for output indentation.
156 */
157 private static final ObjectStreamField[] serialPersistentFields =
158 new ObjectStreamField[] {
159 new ObjectStreamField("_name", String.class),
160 new ObjectStreamField("_bytecodes", byte[][].class),
161 new ObjectStreamField("_class", Class[].class),
162 new ObjectStreamField("_transletIndex", int.class),
163 new ObjectStreamField("_outputProperties", Properties.class),
164 new ObjectStreamField("_indentNumber", int.class),
165 };
166
167 static final class TransletClassLoader extends ClassLoader {
168 private final Map<String,Class> _loadedExternalExtensionFunctions;
169
170 TransletClassLoader(ClassLoader parent) {
171 super(parent);
172 _loadedExternalExtensionFunctions = null;
173 }
174
175 TransletClassLoader(ClassLoader parent,Map<String, Class> mapEF) {
176 super(parent);
177 _loadedExternalExtensionFunctions = mapEF;
178 }
179
180 public Class<?> loadClass(String name) throws ClassNotFoundException {
181 Class<?> ret = null;
182 // The _loadedExternalExtensionFunctions will be empty when the
183 // SecurityManager is not set and the FSP is turned off
184 if (_loadedExternalExtensionFunctions != null) {
185 ret = _loadedExternalExtensionFunctions.get(name);
186 }
187 if (ret == null) {
188 ret = super.loadClass(name);
189 }
190 return ret;
191 }
192
193 /**
194 * Access to final protected superclass member from outer class.
195 */
196 Class defineClass(final byte[] b) {
197 return defineClass(null, b, 0, b.length);
198 }
199 }
200
201
202 /**
203 * Create an XSLTC template object from the bytecodes.
204 * The bytecodes for the translet and auxiliary classes, plus the name of
205 * the main translet class, must be supplied.
206 */
207 protected TemplatesImpl(byte[][] bytecodes, String transletName,
208 Properties outputProperties, int indentNumber,
209 TransformerFactoryImpl tfactory)
210 {
211 _bytecodes = bytecodes;
212 init(transletName, outputProperties, indentNumber, tfactory);
213 }
214
215 /**
216 * Create an XSLTC template object from the translet class definition(s).
217 */
218 protected TemplatesImpl(Class[] transletClasses, String transletName,
219 Properties outputProperties, int indentNumber,
220 TransformerFactoryImpl tfactory)
221 {
222 _class = transletClasses;
223 _transletIndex = 0;
224 init(transletName, outputProperties, indentNumber, tfactory);
225 }
226
227 private void init(String transletName,
228 Properties outputProperties, int indentNumber,
229 TransformerFactoryImpl tfactory) {
230 _name = transletName;
231 _outputProperties = outputProperties;
232 _indentNumber = indentNumber;
233 _tfactory = tfactory;
234 _useServicesMechanism = tfactory.useServicesMechnism();
235 _accessExternalStylesheet = (String) tfactory.getAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET);
236 }
237 /**
238 * Need for de-serialization, see readObject().
239 */
240 public TemplatesImpl() { }
241
242 /**
243 * Overrides the default readObject implementation since we decided
244 * it would be cleaner not to serialize the entire tranformer
245 * factory. [ ref bugzilla 12317 ]
246 * We need to check if the user defined class for URIResolver also
247 * implemented Serializable
248 * if yes then we need to deserialize the URIResolver
249 * Fix for bugzilla bug 22438
250 */
251 @SuppressWarnings("unchecked")
252 private void readObject(ObjectInputStream is)
253 throws IOException, ClassNotFoundException
254 {
255 SecurityManager security = System.getSecurityManager();
256 if (security != null){
257 String temp = SecuritySupport.getSystemProperty(DESERIALIZE_TRANSLET);
258 if (temp == null || !(temp.length()==0 || temp.equalsIgnoreCase("true"))) {
259 ErrorMsg err = new ErrorMsg(ErrorMsg.DESERIALIZE_TRANSLET_ERR);
260 throw new UnsupportedOperationException(err.toString());
261 }
262 }
263
264 // We have to read serialized fields first.
265 ObjectInputStream.GetField gf = is.readFields();
266 _name = (String)gf.get("_name", null);
267 _bytecodes = (byte[][])gf.get("_bytecodes", null);
268 _class = (Class[])gf.get("_class", null);
269 _transletIndex = gf.get("_transletIndex", -1);
270
271 _outputProperties = (Properties)gf.get("_outputProperties", null);
272 _indentNumber = gf.get("_indentNumber", 0);
273
274 if (is.readBoolean()) {
275 _uriResolver = (URIResolver) is.readObject();
276 }
277
278 _tfactory = new TransformerFactoryImpl();
279 }
280
281
282 /**
283 * This is to fix bugzilla bug 22438
284 * If the user defined class implements URIResolver and Serializable
285 * then we want it to get serialized
286 */
287 private void writeObject(ObjectOutputStream os)
288 throws IOException, ClassNotFoundException {
289 if (_auxClasses != null) {
290 //throw with the same message as when Hashtable was used for compatibility.
291 throw new NotSerializableException(
292 "com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable");
293 }
294
295 // Write serialized fields
296 ObjectOutputStream.PutField pf = os.putFields();
297 pf.put("_name", _name);
298 pf.put("_bytecodes", _bytecodes);
299 pf.put("_class", _class);
300 pf.put("_transletIndex", _transletIndex);
301 pf.put("_outputProperties", _outputProperties);
302 pf.put("_indentNumber", _indentNumber);
303 os.writeFields();
304
305 if (_uriResolver instanceof Serializable) {
306 os.writeBoolean(true);
307 os.writeObject((Serializable) _uriResolver);
308 }
309 else {
310 os.writeBoolean(false);
311 }
312 }
313
314 /**
315 * Return the state of the services mechanism feature.
316 */
317 public boolean useServicesMechnism() {
318 return _useServicesMechanism;
319 }
320
321 /**
322 * Store URIResolver needed for Transformers.
323 */
324 public synchronized void setURIResolver(URIResolver resolver) {
325 _uriResolver = resolver;
326 }
327
328 /**
329 * The TransformerFactory must pass us the translet bytecodes using this
330 * method before we can create any translet instances
331 *
332 * Note: This method is private for security reasons. See
333 * CR 6537898. When merging with Apache, we must ensure
334 * that the privateness of this method is maintained (that
335 * is why it wasn't removed).
336 */
337 private synchronized void setTransletBytecodes(byte[][] bytecodes) {
338 _bytecodes = bytecodes;
339 }
340
341 /**
342 * Returns the translet bytecodes stored in this template
343 *
344 * Note: This method is private for security reasons. See
345 * CR 6537898. When merging with Apache, we must ensure
346 * that the privateness of this method is maintained (that
347 * is why it wasn't removed).
348 */
349 private synchronized byte[][] getTransletBytecodes() {
350 return _bytecodes;
351 }
352
353 /**
354 * Returns the translet bytecodes stored in this template
355 *
356 * Note: This method is private for security reasons. See
357 * CR 6537898. When merging with Apache, we must ensure
358 * that the privateness of this method is maintained (that
359 * is why it wasn't removed).
360 */
361 private synchronized Class[] getTransletClasses() {
362 try {
363 if (_class == null) defineTransletClasses();
364 }
365 catch (TransformerConfigurationException e) {
366 // Falls through
367 }
368 return _class;
369 }
370
371 /**
372 * Returns the index of the main class in array of bytecodes
373 */
374 public synchronized int getTransletIndex() {
375 try {
376 if (_class == null) defineTransletClasses();
377 }
378 catch (TransformerConfigurationException e) {
379 // Falls through
380 }
381 return _transletIndex;
382 }
383
384 /**
385 * The TransformerFactory should call this method to set the translet name
386 */
387 protected synchronized void setTransletName(String name) {
388 _name = name;
389 }
390
391 /**
392 * Returns the name of the main translet class stored in this template
393 */
394 protected synchronized String getTransletName() {
395 return _name;
396 }
397
398
399 /**
400 * Creates a module layer with one module that is defined to the given class
401 * loader.
402 */
403 private Module createModule(ModuleDescriptor descriptor, ClassLoader loader) {
404 String mn = descriptor.name();
405
406 ModuleReference mref = new ModuleReference(descriptor, null, () -> {
407 IOException ioe = new IOException("<dynamic module>");
408 throw new UncheckedIOException(ioe);
409 });
410
411 ModuleFinder finder = new ModuleFinder() {
412 @Override
413 public Optional<ModuleReference> find(String name) {
414 if (name.equals(mn)) {
415 return Optional.of(mref);
416 } else {
417 return Optional.empty();
418 }
419 }
420 @Override
421 public Set<ModuleReference> findAll() {
422 return Set.of(mref);
423 }
424 };
425
426 Layer bootLayer = Layer.boot();
427
428 Configuration cf = bootLayer.configuration()
429 .resolveRequires(finder, ModuleFinder.of(), Set.of(mn));
430
431 PrivilegedAction<Layer> pa = () -> bootLayer.defineModules(cf, name -> loader);
432 Layer layer = AccessController.doPrivileged(pa);
433
434 Module m = layer.findModule(mn).get();
435 assert m.getLayer() == layer;
436
437 return m;
438 }
439
440 /**
441 * Defines the translet class and auxiliary classes.
442 * Returns a reference to the Class object that defines the main class
443 */
444 private void defineTransletClasses()
445 throws TransformerConfigurationException {
446
447 if (_bytecodes == null) {
448 ErrorMsg err = new ErrorMsg(ErrorMsg.NO_TRANSLET_CLASS_ERR);
449 throw new TransformerConfigurationException(err.toString());
450 }
451
452 TransletClassLoader loader = (TransletClassLoader)
453 AccessController.doPrivileged(new PrivilegedAction() {
454 public Object run() {
455 return new TransletClassLoader(ObjectFactory.findClassLoader(),_tfactory.getExternalExtensionsMap());
456 }
457 });
458
459 try {
460 final int classCount = _bytecodes.length;
461 _class = new Class[classCount];
462
463 if (classCount > 1) {
464 _auxClasses = new HashMap<>();
465 }
466
467 // create a module for the translet
468
469 String mn = "jdk.translet";
470
471 String pn = _tfactory.getPackageName();
472 assert pn != null && pn.length() > 0;
473
474 ModuleDescriptor descriptor
475 = new ModuleDescriptor.Builder(mn)
476 .requires("java.xml")
477 .exports(pn)
478 .build();
479
480 Module m = createModule(descriptor, loader);
481
482 // the module needs access to runtime classes
483 Module thisModule = TemplatesImpl.class.getModule();
484 Arrays.asList(Constants.PKGS_USED_BY_TRANSLET_CLASSES).forEach(p -> {
485 thisModule.addExports(p, m);
486 });
487
488 // java.xml needs to instanitate the translet class
489 thisModule.addReads(m);
490
491 for (int i = 0; i < classCount; i++) {
492 _class[i] = loader.defineClass(_bytecodes[i]);
493 final Class superClass = _class[i].getSuperclass();
494
495 // Check if this is the main class
496 if (superClass.getName().equals(ABSTRACT_TRANSLET)) {
497 _transletIndex = i;
498 }
499 else {
500 _auxClasses.put(_class[i].getName(), _class[i]);
501 }
502 }
503
504 if (_transletIndex < 0) {
505 ErrorMsg err= new ErrorMsg(ErrorMsg.NO_MAIN_TRANSLET_ERR, _name);
506 throw new TransformerConfigurationException(err.toString());
507 }
508 }
509 catch (ClassFormatError e) {
510 ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_CLASS_ERR, _name);
511 throw new TransformerConfigurationException(err.toString());
512 }
513 catch (LinkageError e) {
514 ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_OBJECT_ERR, _name);
515 throw new TransformerConfigurationException(err.toString(), e);
516 }
517 }
518
519 /**
520 * This method generates an instance of the translet class that is
521 * wrapped inside this Template. The translet instance will later
522 * be wrapped inside a Transformer object.
523 */
524 private Translet getTransletInstance()
525 throws TransformerConfigurationException {
526 try {
527 if (_name == null) return null;
528
529 if (_class == null) defineTransletClasses();
530
531 // The translet needs to keep a reference to all its auxiliary
532 // class to prevent the GC from collecting them
533 AbstractTranslet translet = (AbstractTranslet) _class[_transletIndex].newInstance();
534 translet.postInitialization();
535 translet.setTemplates(this);
536 translet.setServicesMechnism(_useServicesMechanism);
537 translet.setAllowedProtocols(_accessExternalStylesheet);
538 if (_auxClasses != null) {
539 translet.setAuxiliaryClasses(_auxClasses);
540 }
541
542 return translet;
543 }
544 catch (InstantiationException e) {
545 ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_OBJECT_ERR, _name);
546 throw new TransformerConfigurationException(err.toString());
547 }
548 catch (IllegalAccessException e) {
549 ErrorMsg err = new ErrorMsg(ErrorMsg.TRANSLET_OBJECT_ERR, _name);
550 throw new TransformerConfigurationException(err.toString());
551 }
552 }
553
554 /**
555 * Implements JAXP's Templates.newTransformer()
556 *
557 * @throws TransformerConfigurationException
558 */
559 public synchronized Transformer newTransformer()
560 throws TransformerConfigurationException
561 {
562 TransformerImpl transformer;
563
564 transformer = new TransformerImpl(getTransletInstance(), _outputProperties,
565 _indentNumber, _tfactory);
566
567 if (_uriResolver != null) {
568 transformer.setURIResolver(_uriResolver);
569 }
570
571 if (_tfactory.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING)) {
572 transformer.setSecureProcessing(true);
573 }
574 return transformer;
575 }
576
577 /**
578 * Implements JAXP's Templates.getOutputProperties(). We need to
579 * instanciate a translet to get the output settings, so
580 * we might as well just instanciate a Transformer and use its
581 * implementation of this method.
582 */
583 public synchronized Properties getOutputProperties() {
584 try {
585 return newTransformer().getOutputProperties();
586 }
587 catch (TransformerConfigurationException e) {
588 return null;
589 }
590 }
591
592 /**
593 * Return the thread local copy of the stylesheet DOM.
594 */
595 public DOM getStylesheetDOM() {
596 return (DOM)_sdom.get();
597 }
598
599 /**
600 * Set the thread local copy of the stylesheet DOM.
601 */
602 public void setStylesheetDOM(DOM sdom) {
603 _sdom.set(sdom);
604 }
605 }