--- old/test/javax/xml/jaxp/unittest/parsers/Bug6309988.java 2016-07-18 00:50:53.028432771 -0700 +++ new/test/javax/xml/jaxp/unittest/parsers/Bug6309988.java 2016-07-18 00:50:52.905494272 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,7 @@ package parsers; import java.io.File; +import java.io.FilePermission; import java.io.InputStream; import javax.xml.XMLConstants; @@ -32,6 +33,8 @@ import javax.xml.parsers.SAXParser; import javax.xml.parsers.SAXParserFactory; +import jaxp.library.JAXPTestUtilities; + import org.testng.Assert; import org.testng.annotations.Test; import org.w3c.dom.Document; @@ -41,24 +44,40 @@ * @bug 6309988 * @summary Test elementAttributeLimit, maxOccurLimit, entityExpansionLimit. */ +@Test(singleThreaded = true) public class Bug6309988 { DocumentBuilderFactory dbf = null; - static boolean _isSecureMode = false; - static { - if (System.getSecurityManager() != null) { - _isSecureMode = true; - System.out.println("Security Manager is present"); - } else { - System.out.println("Security Manager is NOT present"); - } + + public void runWithSecurityManager() throws Exception { + JAXPTestUtilities.tryRunWithPolicyManager(() -> test(), + new FilePermission(System.getProperty("test.src") + "/-", "read")); + } + + public void runWithoutSecurityManager() throws Exception { + test(); + } + + private void test() { + testDOMParserElementAttributeLimit(); + testDOMNSParserElementAttributeLimit(); + testDOMNSParserElementAttributeLimitWithoutSecureProcessing(); + testSystemElementAttributeLimitWithoutSecureProcessing(); + testSystemElementAttributeLimitWithSecureProcessing(); + testDOMSecureProcessingDefaultValue(); + testSAXSecureProcessingDefaultValue(); + testSystemMaxOccurLimitWithoutSecureProcessing(); + testValidMaxOccurLimitWithOutSecureProcessing(); + testSystemEntityExpansionLimitWithOutSecureProcessing(); + testSystemEntityExpansionLimitWithSecureProcessing(); + testEntityExpansionLimitWithSecureProcessing(); + testEntityExpansionLimitWithOutSecureProcessing(); } /* * Given XML document has more than 10000 attributes. Exception is expected */ - @Test - public void testDOMParserElementAttributeLimit() { + private void testDOMParserElementAttributeLimit() { try { dbf = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = dbf.newDocumentBuilder(); @@ -75,8 +94,7 @@ * Given XML document has more than 10000 attributes. It should report an * error. */ - @Test - public void testDOMNSParserElementAttributeLimit() { + private void testDOMNSParserElementAttributeLimit() { try { dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); @@ -94,9 +112,8 @@ * Given XML document has more than 10000 attributes. Parsing this XML * document in non-secure mode, should not report any error. */ - @Test - public void testDOMNSParserElementAttributeLimitWithoutSecureProcessing() { - if (_isSecureMode) + private void testDOMNSParserElementAttributeLimitWithoutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -121,9 +138,8 @@ * test should be the same as * testSystemElementAttributeLimitWithSecureProcessing */ - @Test - public void testSystemElementAttributeLimitWithoutSecureProcessing() { - if (_isSecureMode) + private void testSystemElementAttributeLimitWithoutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -155,8 +171,7 @@ * Given XML document has 3 attributes and System property is set to 2. * Parsing this XML document in secure mode, should report an error. */ - @Test - public void testSystemElementAttributeLimitWithSecureProcessing() { + private void testSystemElementAttributeLimitWithSecureProcessing() { try { dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); @@ -176,8 +191,7 @@ /* * Default value for secure processing feature should be true. */ - @Test - public void testDOMSecureProcessingDefaultValue() { + private void testDOMSecureProcessingDefaultValue() { try { dbf = DocumentBuilderFactory.newInstance(); Assert.assertTrue(dbf.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING), "Default value for secureProcessing feature should be true"); @@ -190,8 +204,7 @@ /* * Default value for secure processing feature should be true. */ - @Test - public void testSAXSecureProcessingDefaultValue() { + private void testSAXSecureProcessingDefaultValue() { try { SAXParserFactory spf = SAXParserFactory.newInstance(); Assert.assertTrue(spf.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING), "Default value for secureProcessing feature should be true"); @@ -206,9 +219,8 @@ * feature is off. Given doument contains more than 2 elements and hence an * error should be reported. */ - @Test - public void testSystemMaxOccurLimitWithoutSecureProcessing() { - if (_isSecureMode) + private void testSystemMaxOccurLimitWithoutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -242,9 +254,8 @@ * maxOccur is '3002'. Since secure processing feature is off, document * should be parsed without any errors. */ - @Test - public void testValidMaxOccurLimitWithOutSecureProcessing() { - if (_isSecureMode) + private void testValidMaxOccurLimitWithOutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -279,9 +290,8 @@ * test should be the same as * testSystemElementAttributeLimitWithSecureProcessing */ - @Test - public void testSystemEntityExpansionLimitWithOutSecureProcessing() { - if (_isSecureMode) + private void testSystemEntityExpansionLimitWithOutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -312,8 +322,7 @@ * System property is set to 2. Given XML document has more than 2 entity * references. Parsing this document in secure mode, should report an error. */ - @Test - public void testSystemEntityExpansionLimitWithSecureProcessing() { + private void testSystemEntityExpansionLimitWithSecureProcessing() { try { dbf = DocumentBuilderFactory.newInstance(); dbf.setValidating(true); @@ -335,8 +344,7 @@ * Given XML document has more than 64000 entity references. Parsing this * document in secure mode, should report an error. */ - @Test - public void testEntityExpansionLimitWithSecureProcessing() { + private void testEntityExpansionLimitWithSecureProcessing() { try { dbf = DocumentBuilderFactory.newInstance(); dbf.setValidating(true); @@ -357,9 +365,8 @@ * Given XML document has more than 64000 entity references. Parsing this * document in non-secure mode, should not report any error. */ - @Test - public void testEntityExpansionLimitWithOutSecureProcessing() { - if (_isSecureMode) + private void testEntityExpansionLimitWithOutSecureProcessing() { + if (isSecureMode()) return; // jaxp secure feature can not be turned off when security // manager is present try { @@ -377,4 +384,8 @@ System.setProperty("entityExpansionLimit", ""); } } + + private boolean isSecureMode() { + return System.getSecurityManager() != null; + } }