1 /*
2 * reserved comment block
3 * DO NOT REMOVE OR ALTER!
4 */
5 /*
6 * Licensed to the Apache Software Foundation (ASF) under one or more
7 * contributor license agreements. See the NOTICE file distributed with
8 * this work for additional information regarding copyright ownership.
9 * The ASF licenses this file to You under the Apache License, Version 2.0
10 * (the "License"); you may not use this file except in compliance with
11 * the License. You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 package com.sun.org.apache.xerces.internal.util;
23 import com.sun.org.apache.xerces.internal.impl.Constants;
24 /**
25 * This class is a container for parser settings that relate to
26 * security, or more specifically, it is intended to be used to prevent denial-of-service
27 * attacks from being launched against a system running Xerces.
28 * Any component that is aware of a denial-of-service attack that can arise
29 * from its processing of a certain kind of document may query its Component Manager
30 * for the property (http://apache.org/xml/properties/security-manager)
31 * whose value will be an instance of this class.
32 * If no value has been set for the property, the component should proceed in the "usual" (spec-compliant)
33 * manner. If a value has been set, then it must be the case that the component in
34 * question needs to know what method of this class to query. This class
35 * will provide defaults for all known security issues, but will also provide
36 * setters so that those values can be tailored by applications that care.
37 *
38 * @author Neil Graham, IBM
39 *
40 */
41 public final class SecurityManager {
42
43 //
44 // Constants
45 //
46
47 // default value for entity expansion limit
48 private final static int DEFAULT_ENTITY_EXPANSION_LIMIT = 64000;
49
50 /** Default value of number of nodes created. **/
51 private final static int DEFAULT_MAX_OCCUR_NODE_LIMIT = 5000;
52
53 //
54 // Data
55 //
56
57 private final static int DEFAULT_ELEMENT_ATTRIBUTE_LIMIT = 10000;
58
59 /** Entity expansion limit. **/
60 private int entityExpansionLimit;
61
62 /** W3C XML Schema maxOccurs limit. **/
63 private int maxOccurLimit;
64
65 private int fElementAttributeLimit;
66 // default constructor. Establishes default values for
67 // all known security holes.
68 /**
69 * Default constructor. Establishes default values
70 * for known security vulnerabilities.
71 */
72 public SecurityManager() {
73 entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
74 maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ;
75 fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
76 //We are reading system properties only once ,
77 //at the time of creation of this object ,
78 readSystemProperties();
79 }
80
81 /**
82 * <p>Sets the number of entity expansions that the
83 * parser should permit in a document.</p>
84 *
85 * @param limit the number of entity expansions
86 * permitted in a document
87 */
88 public void setEntityExpansionLimit(int limit) {
89 entityExpansionLimit = limit;
90 }
91
92 /**
93 * <p>Returns the number of entity expansions
94 * that the parser permits in a document.</p>
95 *
96 * @return the number of entity expansions
97 * permitted in a document
98 */
99 public int getEntityExpansionLimit() {
100 return entityExpansionLimit;
101 }
102
103 /**
104 * <p>Sets the limit of the number of content model nodes
105 * that may be created when building a grammar for a W3C
106 * XML Schema that contains maxOccurs attributes with values
107 * other than "unbounded".</p>
108 *
109 * @param limit the maximum value for maxOccurs other
110 * than "unbounded"
111 */
112 public void setMaxOccurNodeLimit(int limit){
113 maxOccurLimit = limit;
114 }
115
116 /**
117 * <p>Returns the limit of the number of content model nodes
118 * that may be created when building a grammar for a W3C
119 * XML Schema that contains maxOccurs attributes with values
120 * other than "unbounded".</p>
121 *
122 * @return the maximum value for maxOccurs other
123 * than "unbounded"
124 */
125 public int getMaxOccurNodeLimit(){
126 return maxOccurLimit;
127 }
128
129 public int getElementAttrLimit(){
130 return fElementAttributeLimit;
131 }
132
133 public void setElementAttrLimit(int limit){
134 fElementAttributeLimit = limit;
135 }
136
137 private void readSystemProperties(){
138
139 try {
140 String value = System.getProperty(Constants.ENTITY_EXPANSION_LIMIT);
141 if(value != null && !value.equals("")){
142 entityExpansionLimit = Integer.parseInt(value);
143 if (entityExpansionLimit < 0)
144 entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
145 }
146 else
147 entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
148 }catch(Exception ex){}
149
150 try {
151 String value = System.getProperty(Constants.MAX_OCCUR_LIMIT);
152 if(value != null && !value.equals("")){
153 maxOccurLimit = Integer.parseInt(value);
154 if (maxOccurLimit < 0)
155 maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
156 }
157 else
158 maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
159 }catch(Exception ex){}
160
161 try {
162 String value = System.getProperty(Constants.ELEMENT_ATTRIBUTE_LIMIT);
163 if(value != null && !value.equals("")){
164 fElementAttributeLimit = Integer.parseInt(value);
165 if ( fElementAttributeLimit < 0)
166 fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
167 }
168 else
169 fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
170
171 }catch(Exception ex){}
172
173 }
174
175 } // class SecurityManager