You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by ab...@apache.org on 2006/12/06 01:14:25 UTC

svn commit: r482837 - /db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java

Author: abrown
Date: Tue Dec  5 16:14:23 2006
New Revision: 482837

URL: http://svn.apache.org/viewvc?view=rev&rev=482837
Log:
DERBY-2131: Porting changes from trunk to 10.2.

Use a privileged block when calling out to the JAXP parser so that
users running with a security manager can insert XML values that
reference external DTDs without encountering security exceptions.

svn merge -r 481116:481117 https://svn.apache.org/repos/asf/db/derby/code/trunk
svn merge -r 482302:482303 https://svn.apache.org/repos/asf/db/derby/code/trunk

Modified:
    db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java

Modified: db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java?view=diff&rev=482837&r1=482836&r2=482837
==============================================================================
--- db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java (original)
+++ db/derby/code/branches/10.2/java/engine/org/apache/derby/iapi/types/SqlXmlUtil.java Tue Dec  5 16:14:23 2006
@@ -311,8 +311,41 @@
         throws Exception
     {
         ArrayList aList = new ArrayList();
-        aList.add(dBuilder.parse(
-            new InputSource(new StringReader(xmlAsText))));
+
+        /* The call to dBuilder.parse() is a call to an external
+         * (w.r.t. to Derby) JAXP parser.  If the received XML
+         * text references an external DTD, then the JAXP parser
+         * will try to read that external DTD.  Thus we wrap the
+         * call to parse inside a privileged action to make sure
+         * that the JAXP parser has the required permissions for
+         * reading the DTD file.
+         */
+        try {
+
+            final InputSource is = new InputSource(new StringReader(xmlAsText));
+            aList.add(java.security.AccessController.doPrivileged(
+                new java.security.PrivilegedExceptionAction()
+                {
+                    public Object run() throws IOException, SAXException
+                    {
+                        return dBuilder.parse(is);
+                    }
+                }));
+
+        } catch (java.security.PrivilegedActionException pae) {
+
+            /* Unwrap the privileged exception so that the user can
+             * see what the underlying error is. For example, it could
+             * be an i/o error from parsing the XML value, which can
+             * happen if the XML value references an external DTD file
+             * but the JAXP parser hits an i/o error when trying to read
+             * the DTD.  In that case we want to throw the i/o error
+             * itself so that it does not appear as a security exception
+             * to the user.
+             */
+            throw pae.getException();
+
+        }
 
         /* The second argument in the following call is for
          * catching cases where we have a top-level (parentless)