You are viewing a plain text version of this content. The canonical link for it is here.

Posted to j-users@xerces.apache.org by Samrat Ketu <sa...@gmail.com> on 2006/04/05 20:38:31 UTC

Usage of SecurityManager's setMaxOccurNodeLimit

Hi
    I was trying to use SecurityManager's setMaxOccurNodeLimit to limit the
occurrences of any node in an XML doc. However, I am not clear when and how
to use this.
    Is this limit checked when actually parsing the schema (thus overriding
the number in the schema if greater), or when parsing the instance doc? If
earlier, then on which class should I set this property (I am using
XMLGrammarCachingConfiguration with XMLGrammarPoolImpl)? I guess that for
the later, it is set with SAXParser.setProperty.

    Please let me know if you need more info.

thanks,
Samrak

Re: Usage of SecurityManager's setMaxOccurNodeLimit

Posted by Jeff Greif <jg...@alumni.princeton.edu>.

Just speculating, but the fact that this occurs in a security manager
suggests that this is designed as a denial of service protection (for
example by having a recursive entity expansion that turns a small
input string into an infinitely large thing to be parsed).  It is
unlikely to have anything to do with grammatical constraints such as
maxOccurs.

Jeff

On 4/6/06, Samrat Ketu <sa...@gmail.com> wrote:
> hi Michael
>    Thanks for the reply.
>    I guess I am still confused. Is it that - the number given in
> maxOccurNodeLimit call is actually used to limit the depth (as I understand
> with the reference to content model nodes)? In that case, it has no relation
> to maxOccurs attribute.
>    Or probably I do not understand the true meaning of 'content model
> nodes'. Would appreciate much if you could elaborate a little bit more.
>
> thanks,
> Samrat
>
> On 4/6/06, Michael Glavassevich <mr...@ca.ibm.com> wrote:
> > Setting maxOccurNodeLimit doesn't override maxOccurs values in the schema.
> > maxOccurNodeLimit is actually a limit [1] on the number of nodes which may
> > be created in the internal representation of the content model of a
> > complex type. Large values of maxOccurs generate more nodes in the
> > internal representation. A fatal error is emitted if the limit is
> > exceeded. The limit is checked when the content model is constructed which
> > may be as early as during schema parsing or as late as the first time it
> > is needed for validation.
> >
> > [1]
> >
> http://xerces.apache.org/xerces2-j/javadocs/xerces2/org/apache/xerces/util/SecurityManager.html#setMaxOccurNodeLimit(int)
> >
> > Michael Glavassevich
> > XML Parser Development
> > IBM Toronto Lab
> > E-mail: mrglavas@ca.ibm.com
> > E-mail: mrglavas@apache.org
> >
> > "Samrat Ketu" <sa...@gmail.com> wrote on 04/05/2006 02:38:31 PM:
> >
> > > Hi
> > >     I was trying to use SecurityManager's setMaxOccurNodeLimit to
> > > limit the occurrences of any node in an XML doc. However, I am not
> > > clear when and how to use this.
> > >     Is this limit checked when actually parsing the schema (thus
> > > overriding the number in the schema if greater), or when parsing the
> > > instance doc? If earlier, then on which class should I set this
> > > property (I am using XMLGrammarCachingConfiguration with
> > > XMLGrammarPoolImpl)? I guess that for the later, it is set with
> > > SAXParser.setProperty.
> > >
> > >     Please let me know if you need more info.
> > >
> > > thanks,
> > > Samrak
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> j-users-unsubscribe@xerces.apache.org
> > For additional commands, e-mail: j-users-help@xerces.apache.org
> >
> >
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: j-users-unsubscribe@xerces.apache.org
For additional commands, e-mail: j-users-help@xerces.apache.org

Re: Usage of SecurityManager's setMaxOccurNodeLimit

Posted by Samrat Ketu <sa...@gmail.com>.

hi Michael
   Thanks for the reply.
   I guess I am still confused. Is it that - the number given in
maxOccurNodeLimit call is actually used to limit the depth (as I understand
with the reference to content model nodes)? In that case, it has no relation
to maxOccurs attribute.
   Or probably I do not understand the true meaning of 'content model
nodes'. Would appreciate much if you could elaborate a little bit more.

thanks,
Samrat

On 4/6/06, Michael Glavassevich <mr...@ca.ibm.com> wrote:
>
> Setting maxOccurNodeLimit doesn't override maxOccurs values in the schema.
> maxOccurNodeLimit is actually a limit [1] on the number of nodes which may
> be created in the internal representation of the content model of a
> complex type. Large values of maxOccurs generate more nodes in the
> internal representation. A fatal error is emitted if the limit is
> exceeded. The limit is checked when the content model is constructed which
> may be as early as during schema parsing or as late as the first time it
> is needed for validation.
>
> [1]
>
> http://xerces.apache.org/xerces2-j/javadocs/xerces2/org/apache/xerces/util/SecurityManager.html#setMaxOccurNodeLimit(int)
>
> Michael Glavassevich
> XML Parser Development
> IBM Toronto Lab
> E-mail: mrglavas@ca.ibm.com
> E-mail: mrglavas@apache.org
>
> "Samrat Ketu" <sa...@gmail.com> wrote on 04/05/2006 02:38:31 PM:
>
> > Hi
> >     I was trying to use SecurityManager's setMaxOccurNodeLimit to
> > limit the occurrences of any node in an XML doc. However, I am not
> > clear when and how to use this.
> >     Is this limit checked when actually parsing the schema (thus
> > overriding the number in the schema if greater), or when parsing the
> > instance doc? If earlier, then on which class should I set this
> > property (I am using XMLGrammarCachingConfiguration with
> > XMLGrammarPoolImpl)? I guess that for the later, it is set with
> > SAXParser.setProperty.
> >
> >     Please let me know if you need more info.
> >
> > thanks,
> > Samrak
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: j-users-unsubscribe@xerces.apache.org
> For additional commands, e-mail: j-users-help@xerces.apache.org
>
>

Re: Usage of SecurityManager's setMaxOccurNodeLimit

Posted by Michael Glavassevich <mr...@ca.ibm.com>.

Setting maxOccurNodeLimit doesn't override maxOccurs values in the schema. 
maxOccurNodeLimit is actually a limit [1] on the number of nodes which may 
be created in the internal representation of the content model of a 
complex type. Large values of maxOccurs generate more nodes in the 
internal representation. A fatal error is emitted if the limit is 
exceeded. The limit is checked when the content model is constructed which 
may be as early as during schema parsing or as late as the first time it 
is needed for validation.

[1] 
http://xerces.apache.org/xerces2-j/javadocs/xerces2/org/apache/xerces/util/SecurityManager.html#setMaxOccurNodeLimit(int)

Michael Glavassevich
XML Parser Development
IBM Toronto Lab
E-mail: mrglavas@ca.ibm.com
E-mail: mrglavas@apache.org

"Samrat Ketu" <sa...@gmail.com> wrote on 04/05/2006 02:38:31 PM:

> Hi
>     I was trying to use SecurityManager's setMaxOccurNodeLimit to 
> limit the occurrences of any node in an XML doc. However, I am not 
> clear when and how to use this. 
>     Is this limit checked when actually parsing the schema (thus 
> overriding the number in the schema if greater), or when parsing the
> instance doc? If earlier, then on which class should I set this 
> property (I am using XMLGrammarCachingConfiguration with 
> XMLGrammarPoolImpl)? I guess that for the later, it is set with 
> SAXParser.setProperty.
> 
>     Please let me know if you need more info.
> 
> thanks,
> Samrak

---------------------------------------------------------------------
To unsubscribe, e-mail: j-users-unsubscribe@xerces.apache.org
For additional commands, e-mail: j-users-help@xerces.apache.org