1. /*
  2. * The Apache Software License, Version 1.1
  3. *
  4. *
  5. * Copyright (c) 2003 The Apache Software Foundation.
  6. * All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. The end-user documentation included with the redistribution,
  21. * if any, must include the following acknowledgment:
  22. * "This product includes software developed by the
  23. * Apache Software Foundation (http://www.apache.org/)."
  24. * Alternately, this acknowledgment may appear in the software itself,
  25. * if and wherever such third-party acknowledgments normally appear.
  26. *
  27. * 4. The names "Xerces" and "Apache Software Foundation" must
  28. * not be used to endorse or promote products derived from this
  29. * software without prior written permission. For written
  30. * permission, please contact apache@apache.org.
  31. *
  32. * 5. Products derived from this software may not be called "Apache",
  33. * nor may "Apache" appear in their name, without prior written
  34. * permission of the Apache Software Foundation.
  35. *
  36. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
  37. * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  38. * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  39. * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
  40. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  41. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  42. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
  43. * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  44. * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  45. * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  46. * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  47. * SUCH DAMAGE.
  48. * ====================================================================
  49. *
  50. * This software consists of voluntary contributions made by many
  51. * individuals on behalf of the Apache Software Foundation and was
  52. * originally based on software copyright (c) 1999, International
  53. * Business Machines, Inc., http://www.apache.org. For more
  54. * information on the Apache Software Foundation, please see
  55. * <http://www.apache.org/>.
  56. */
  57. package com.sun.org.apache.xerces.internal.util;
  58. import com.sun.org.apache.xerces.internal.impl.Constants;
  59. /**
  60. * This class is a container for parser settings that relate to
  61. * security, or more specifically, it is intended to be used to prevent denial-of-service
  62. * attacks from being launched against a system running Xerces.
  63. * Any component that is aware of a denial-of-service attack that can arise
  64. * from its processing of a certain kind of document may query its Component Manager
  65. * for the property (http://apache.org/xml/properties/security-manager)
  66. * whose value will be an instance of this class.
  67. * If no value has been set for the property, the component should proceed in the "usual" (spec-compliant)
  68. * manner. If a value has been set, then it must be the case that the component in
  69. * question needs to know what method of this class to query. This class
  70. * will provide defaults for all known security issues, but will also provide
  71. * setters so that those values can be tailored by applications that care.
  72. *
  73. * @author Neil Graham, IBM
  74. *
  75. * @version $Id: SecurityManager.java,v 1.5 2004/03/23 01:23:41 mrglavas Exp $
  76. */
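  public final class SecurityManager {

      //
      // Constants
      //

      /** Default value for the entity expansion limit. */
      private static final int DEFAULT_ENTITY_EXPANSION_LIMIT = 64000;

      /** Default value of number of nodes created. */
      private static final int DEFAULT_MAX_OCCUR_NODE_LIMIT = 3000;

      /** Default value for the element attribute limit. */
      private static final int DEFAULT_ELEMENT_ATTRIBUTE_LIMIT = 10000;

      //
      // Data
      //

      /** Entity expansion limit. */
      private int entityExpansionLimit;

      /** W3C XML Schema maxOccurs limit. */
      private int maxOccurLimit;

      // Value exposed through getElementAttrLimit()/setElementAttrLimit().
      // NOTE(review): presumably the maximum number of attributes per element;
      // the consumer is not visible in this file -- confirm.
      private int fElementAttributeLimit;

      /**
       * Default constructor. Establishes default values
       * for known security vulnerabilities, then applies any
       * overrides found in the system properties.
       *
       * <p>The system properties are read only once, when this object is
       * created. They are JVM-wide, so a value set there affects every
       * instance created afterwards; later changes to the properties are
       * not picked up by an existing instance.</p>
       */
      public SecurityManager() {
          entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
          maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
          fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
          readSystemProperties();
      }

      /**
       * <p>Sets the number of entity expansions that the
       * parser should permit in a document.</p>
       *
       * <p>No range check is applied here: unlike the system-property
       * path, which replaces a negative value with the default, any value
       * passed to this setter is stored as given. How a consumer treats a
       * negative or very large limit is not visible in this class.</p>
       *
       * @param limit the number of entity expansions
       * permitted in a document
       */
      public void setEntityExpansionLimit(int limit) {
          entityExpansionLimit = limit;
      }

      /**
       * <p>Returns the number of entity expansions
       * that the parser permits in a document.</p>
       *
       * @return the number of entity expansions
       * permitted in a document
       */
      public int getEntityExpansionLimit() {
          return entityExpansionLimit;
      }

      /**
       * <p>Sets the limit of the number of content model nodes
       * that may be created when building a grammar for a W3C
       * XML Schema that contains maxOccurs attributes with values
       * other than "unbounded".</p>
       *
       * <p>No range check is applied here; the value is stored as given.</p>
       *
       * @param limit the maximum value for maxOccurs other
       * than "unbounded"
       */
      public void setMaxOccurNodeLimit(int limit) {
          maxOccurLimit = limit;
      }

      /**
       * <p>Returns the limit of the number of content model nodes
       * that may be created when building a grammar for a W3C
       * XML Schema that contains maxOccurs attributes with values
       * other than "unbounded".</p>
       *
       * @return the maximum value for maxOccurs other
       * than "unbounded"
       */
      public int getMaxOccurNodeLimit() {
          return maxOccurLimit;
      }

      /**
       * <p>Returns the element attribute limit currently in effect.</p>
       *
       * @return the element attribute limit
       */
      public int getElementAttrLimit() {
          return fElementAttributeLimit;
      }

      /**
       * <p>Sets the element attribute limit.</p>
       *
       * <p>No range check is applied here; the value is stored as given.</p>
       *
       * @param limit the element attribute limit
       */
      public void setElementAttrLimit(int limit) {
          fElementAttributeLimit = limit;
      }

      /**
       * Applies the three limit overrides from the system properties named in
       * {@link Constants}. A property that is unset, empty, negative,
       * unparsable or unreadable leaves the corresponding limit at its default.
       */
      private void readSystemProperties() {
          entityExpansionLimit =
              readLimit(Constants.ENTITY_EXPANSION_LIMIT, DEFAULT_ENTITY_EXPANSION_LIMIT);
          maxOccurLimit =
              readLimit(Constants.MAX_OCCUR_LIMIT, DEFAULT_MAX_OCCUR_NODE_LIMIT);
          fElementAttributeLimit =
              readLimit(Constants.SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT,
                        DEFAULT_ELEMENT_ATTRIBUTE_LIMIT);
      }

      /**
       * Reads one non-negative integer limit from a system property.
       *
       * @param propertyName name of the system property to read
       * @param defaultValue value to fall back to
       * @return the parsed property value, or {@code defaultValue} when the
       * property is unset, empty, negative, not an integer, or cannot be read
       */
      private static int readLimit(String propertyName, int defaultValue) {
          try {
              String value = System.getProperty(propertyName);
              if (value == null || value.length() == 0) {
                  return defaultValue;
              }
              int parsed = Integer.parseInt(value);
              // A negative limit is treated as invalid, not as "unlimited".
              return parsed < 0 ? defaultValue : parsed;
          } catch (RuntimeException ignored) {
              // Deliberate best effort: a malformed number (NumberFormatException)
              // or denied property access (SecurityException) must not stop the
              // parser from being configured, so the default limit stays in force.
              return defaultValue;
          }
      }

  } // class SecurityManager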