jdk-sandbox: comparison jaxp/src/com/sun/org/apache/xerces/internal/util/SecurityManager.java

equal deleted inserted replaced

-:bcebd3fdefc9
+:a44e04deb948
 * <http://www.apache.org/>.
 */
 package com.sun.org.apache.xerces.internal.util;
 import com.sun.org.apache.xerces.internal.impl.Constants;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 /**
 * This class is a container for parser settings that relate to
 * security, or more specifically, it is intended to be used to prevent denial-of-service
 * attacks from being launched against a system running Xerces.
 * Any component that is aware of a denial-of-service attack that can arise
 * will provide defaults for all known security issues, but will also provide
 * setters so that those values can be tailored by applications that care.
 *
 * @author  Neil Graham, IBM
 *
+* @version $Id: SecurityManager.java,v 1.5 2010-11-01 04:40:14 joehw Exp $
 */
 public final class SecurityManager {
 //
 // Constants
 fElementAttributeLimit = limit;
 }
 private void readSystemProperties(){
 //TODO: also read SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT
 try {
-String value = System.getProperty(Constants.ENTITY_EXPANSION_LIMIT);
+String value = getSystemProperty(Constants.ENTITY_EXPANSION_LIMIT);
 if(value != null && !value.equals("")){
 entityExpansionLimit = Integer.parseInt(value);
 if (entityExpansionLimit < 0)
 entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
 }
 else
 entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
+}catch(Exception ex){}
+try {
+String value = getSystemProperty(Constants.MAX_OCCUR_LIMIT);
+if(value != null && !value.equals("")){
+maxOccurLimit = Integer.parseInt(value);
+if (maxOccurLimit < 0)
+maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
+}
+else
+maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
+}catch(Exception ex){}
+try {
+String value = getSystemProperty(Constants.SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT);
+if(value != null && !value.equals("")){
+fElementAttributeLimit = Integer.parseInt(value);
+if ( fElementAttributeLimit < 0)
+fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
+}
+else
+fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
 }catch(Exception ex){}
-try {
-String value = System.getProperty(Constants.MAX_OCCUR_LIMIT);
-if(value != null && !value.equals("")){
-maxOccurLimit = Integer.parseInt(value);
-if (maxOccurLimit < 0)
-maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
-}
-else
-maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT;
-}catch(Exception ex){}
-try {
-String value = System.getProperty(Constants.SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT);
-if(value != null && !value.equals("")){
-fElementAttributeLimit = Integer.parseInt(value);
-if ( fElementAttributeLimit < 0)
-fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
-}
-else
-fElementAttributeLimit = DEFAULT_ELEMENT_ATTRIBUTE_LIMIT;
-}catch(Exception ex){}
 }
+private String getSystemProperty(final String propName) {
+return AccessController.doPrivileged(new PrivilegedAction<String>() {
+public String run() {
+return System.getProperty(propName);
+}
+});
+}
 } // class SecurityManager

changeset 16953	a44e04deb948
parent 12457	c348e06f0e82
child 20975	298d79f9a705