common/util/src/main/java/org/opendaylight/yangtools/util/xml/UntrustedXML.java

   1 /*
   2  * Copyright (c) 2016 Cisco Systems, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.yangtools.util.xml;
   9
  10 import com.google.common.annotations.Beta;
  11 import java.io.InputStream;
  12 import java.io.Reader;
  13 import java.nio.charset.Charset;
  14 import javax.annotation.Nonnull;
  15 import javax.xml.XMLConstants;
  16 import javax.xml.parsers.DocumentBuilder;
  17 import javax.xml.parsers.DocumentBuilderFactory;
  18 import javax.xml.parsers.ParserConfigurationException;
  19 import javax.xml.parsers.SAXParser;
  20 import javax.xml.parsers.SAXParserFactory;
  21 import javax.xml.stream.XMLInputFactory;
  22 import javax.xml.stream.XMLStreamException;
  23 import javax.xml.stream.XMLStreamReader;
  24 import org.xml.sax.SAXException;
  25 import org.xml.sax.SAXNotRecognizedException;
  26 import org.xml.sax.SAXNotSupportedException;
  27
  28 /**
  29  * Set of utility methods for instantiating parser that deal with untrusted XML sources.
  30  *
  31  * @author Robert Varga
  32  */
  33 @Beta
  34 public final class UntrustedXML {
  35     private static final DocumentBuilderFactory DBF;
  36
  37     static {
  38         final DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
  39         f.setCoalescing(true);
  40         f.setExpandEntityReferences(false);
  41         f.setIgnoringElementContentWhitespace(true);
  42         f.setIgnoringComments(true);
  43         f.setNamespaceAware(true);
  44         f.setXIncludeAware(false);
  45         try {
  46             f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
  47             f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
  48             f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
  49             f.setFeature("http://xml.org/sax/features/external-general-entities", false);
  50             f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
  51         } catch (final ParserConfigurationException e) {
  52             throw new ExceptionInInitializerError(e);
  53         }
  54         DBF = f;
  55     }
  56
  57     private static final SAXParserFactory SPF;
  58
  59     static {
  60         final SAXParserFactory f = SAXParserFactory.newInstance();
  61         f.setNamespaceAware(true);
  62         f.setXIncludeAware(false);
  63         try {
  64             f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
  65             f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
  66             f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
  67             f.setFeature("http://xml.org/sax/features/external-general-entities", false);
  68             f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
  69         } catch (final SAXNotRecognizedException | SAXNotSupportedException | ParserConfigurationException e) {
  70             throw new ExceptionInInitializerError(e);
  71         }
  72
  73         SPF = f;
  74     }
  75
  76     private static final XMLInputFactory XIF;
  77
  78     static {
  79         final XMLInputFactory f = XMLInputFactory.newInstance();
  80
  81         f.setProperty(XMLInputFactory.IS_COALESCING, Boolean.TRUE);
  82         f.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, Boolean.TRUE);
  83         f.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
  84         f.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);
  85
  86         XIF = f;
  87     }
  88
  89
  90     /**
  91      * Create a new {@link DocumentBuilder} for dealing with untrusted XML data. This method is equivalent to
  92      * {@link DocumentBuilderFactory#newDocumentBuilder()}, except it does not throw a checked exception.
  93      *
  94      * @return A new DocumentBuilder
  95      * @throws UnsupportedOperationException if the runtime fails to instantiate a good enough builder
  96      */
  97     public static @Nonnull DocumentBuilder newDocumentBuilder() {
  98         try {
  99             return DBF.newDocumentBuilder();
 100         } catch (ParserConfigurationException e) {
 101             throw new UnsupportedOperationException("Failed to instantiate a DocumentBuilder", e);
 102         }
 103     }
 104
 105     /**
 106      * Create a new {@link SAXParser} for dealing with untrusted XML data. This method is equivalent to
 107      * {@link SAXParserFactory#newSAXParser()}, except it does not throw a checked exception.
 108      *
 109      * @return A new SAXParser
 110      * @throws UnsupportedOperationException if the runtime fails to instantiate a good enough builder
 111      */
 112     public static @Nonnull SAXParser newSAXParser() {
 113         try {
 114             return SPF.newSAXParser();
 115         } catch (ParserConfigurationException | SAXException e) {
 116             throw new UnsupportedOperationException("Failed to instantiate a SAXParser", e);
 117         }
 118     }
 119
 120     /**
 121      * Create a new {@link XMLStreamReader} for dealing with untrusted XML data. This method is equivalent to
 122      * {@link XMLInputFactory#createXMLStreamReader(InputStream)}.
 123      *
 124      * @return A new XMLStreamReader
 125      * @throws XMLStreamException when the underlying factory throws it
 126      */
 127     public static @Nonnull XMLStreamReader createXMLStreamReader(final InputStream stream) throws XMLStreamException {
 128         return XIF.createXMLStreamReader(stream);
 129     }
 130
 131     /**
 132      * Create a new {@link XMLStreamReader} for dealing with untrusted XML data. This method is equivalent to
 133      * {@link XMLInputFactory#createXMLStreamReader(InputStream, String)}, except it takes an explict charset argument.
 134      *
 135      * @return A new XMLStreamReader
 136      * @throws XMLStreamException when the underlying factory throws it
 137      */
 138     public static @Nonnull XMLStreamReader createXMLStreamReader(final InputStream stream, final Charset charset)
 139             throws XMLStreamException {
 140         return XIF.createXMLStreamReader(stream, charset.name());
 141     }
 142
 143     /**
 144      * Create a new {@link XMLStreamReader} for dealing with untrusted XML data. This method is equivalent to
 145      * {@link XMLInputFactory#createXMLStreamReader(Reader)}.
 146      *
 147      * @return A new XMLStreamReader
 148      * @throws XMLStreamException when the underlying factory throws it
 149      */
 150     public static @Nonnull XMLStreamReader createXMLStreamReader(final Reader reader) throws XMLStreamException {
 151         return XIF.createXMLStreamReader(reader);
 152     }
 153 }