Skip to content

Commit

Permalink
#35: Possible hang in XMLReader
Browse files Browse the repository at this point in the history 
Solved infinite loop in MXParser when parsing a malformed Processing
Instruction.
  • Loading branch information
@belingueres
belingueres committed Dec 4, 2018
1 parent 7143d9b commit 0fd61e2
Show file tree
Hide file tree
Showing 2 changed files with 224 additions and 1 deletion.
93 changes: 92 additions & 1 deletion src/main/java/org/codehaus/plexus/util/xml/pull/MXParser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -583,6 +583,8 @@ else if ( FEATURE_XML_ROUNDTRIP.equals( name ) )
}

/** Unknown properties are <string>always</strong> returned as false */


public boolean getFeature( String name )
{
if ( name == null )
Expand Down Expand Up @@ -611,6 +613,8 @@ else if ( FEATURE_XML_ROUNDTRIP.equals( name ) )
return false;
}



public void setProperty( String name, Object value )
throws XmlPullParserException
{
Expand All @@ -624,6 +628,8 @@ public void setProperty( String name, Object value )
}
}



public Object getProperty( String name )
{
if ( name == null )
Expand All @@ -647,13 +653,17 @@ else if ( PROPERTY_LOCATION.equals( name ) )
return null;
}



public void setInput( Reader in )
throws XmlPullParserException
{
reset();
reader = in;
}



public void setInput( java.io.InputStream inputStream, String inputEncoding )
throws XmlPullParserException
{
Expand Down Expand Up @@ -687,11 +697,15 @@ public void setInput( java.io.InputStream inputStream, String inputEncoding )
this.inputEncoding = inputEncoding;
}



public String getInputEncoding()
{
return inputEncoding;
}



public void defineEntityReplacementText( String entityName, String replacementText )
throws XmlPullParserException
{
Expand Down Expand Up @@ -728,6 +742,8 @@ public void defineEntityReplacementText( String entityName, String replacementTe
// TOOD keepEntityNormalizedForAttributeValue cached as well ...
}



public int getNamespaceCount( int depth )
throws XmlPullParserException
{
Expand All @@ -742,6 +758,8 @@ public int getNamespaceCount( int depth )
return elNamespaceCount[depth];
}



public String getNamespacePrefix( int pos )
throws XmlPullParserException
{
Expand All @@ -759,6 +777,8 @@ public String getNamespacePrefix( int pos )
}
}



public String getNamespaceUri( int pos )
throws XmlPullParserException
{
Expand All @@ -775,6 +795,8 @@ public String getNamespaceUri( int pos )
}
}



public String getNamespace( String prefix )
// throws XmlPullParserException
{
Expand Down Expand Up @@ -811,6 +833,8 @@ else if ( "xmlns".equals( prefix ) )
return null;
}



public int getDepth()
{
return depth;
Expand Down Expand Up @@ -846,6 +870,8 @@ private static int findFragment( int bufMinPos, char[] b, int start, int end )
/**
* Return string describing current position of parsers as text 'STATE [seen %s...] @line:column'.
*/


public String getPositionDescription()
{
String fragment = null;
Expand All @@ -867,16 +893,22 @@ public String getPositionDescription()
+ ( location != null ? location : "" ) + "@" + getLineNumber() + ":" + getColumnNumber();
}



public int getLineNumber()
{
return lineNumber;
}



public int getColumnNumber()
{
return columnNumber;
}



public boolean isWhitespace()
throws XmlPullParserException
{
Expand Down Expand Up @@ -908,6 +940,8 @@ else if ( eventType == IGNORABLE_WHITESPACE )
throw new XmlPullParserException( "no content available to check for whitespaces" );
}



public String getText()
{
if ( eventType == START_DOCUMENT || eventType == END_DOCUMENT )
Expand Down Expand Up @@ -937,6 +971,8 @@ else if ( eventType == ENTITY_REF )
return text;
}



public char[] getTextCharacters( int[] holderForStartAndLength )
{
if ( eventType == TEXT )
Expand Down Expand Up @@ -984,6 +1020,8 @@ else if ( eventType == START_DOCUMENT || eventType == END_DOCUMENT )
// return cb;
}



public String getNamespace()
{
if ( eventType == START_TAG )
Expand Down Expand Up @@ -1014,6 +1052,8 @@ else if ( eventType == END_TAG )
// return "";
}



public String getName()
{
if ( eventType == START_TAG )
Expand All @@ -1039,6 +1079,8 @@ else if ( eventType == ENTITY_REF )
}
}



public String getPrefix()
{
if ( eventType == START_TAG )
Expand All @@ -1056,6 +1098,8 @@ else if ( eventType == END_TAG )
// return elPrefix[ maxDepth ];
}



public boolean isEmptyElementTag()
throws XmlPullParserException
{
Expand All @@ -1064,13 +1108,17 @@ public boolean isEmptyElementTag()
return emptyElementTag;
}



public int getAttributeCount()
{
if ( eventType != START_TAG )
return -1;
return attributeCount;
}



public String getAttributeNamespace( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1083,6 +1131,8 @@ public String getAttributeNamespace( int index )
return attributeUri[index];
}



public String getAttributeName( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1093,6 +1143,8 @@ public String getAttributeName( int index )
return attributeName[index];
}



public String getAttributePrefix( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1105,6 +1157,8 @@ public String getAttributePrefix( int index )
return attributePrefix[index];
}



public String getAttributeType( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1115,6 +1169,8 @@ public String getAttributeType( int index )
return "CDATA";
}



public boolean isAttributeDefault( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1125,6 +1181,8 @@ public boolean isAttributeDefault( int index )
return false;
}



public String getAttributeValue( int index )
{
if ( eventType != START_TAG )
Expand All @@ -1135,6 +1193,8 @@ public String getAttributeValue( int index )
return attributeValue[index];
}



public String getAttributeValue( String namespace, String name )
{
if ( eventType != START_TAG )
Expand Down Expand Up @@ -1181,12 +1241,16 @@ public String getAttributeValue( String namespace, String name )
return null;
}



public int getEventType()
throws XmlPullParserException
{
return eventType;
}



public void require( int type, String namespace, String name )
throws XmlPullParserException, IOException
{
Expand Down Expand Up @@ -1245,6 +1309,8 @@ else if ( eventType == START_TAG )
// return result;
// }



public String nextText()
throws XmlPullParserException, IOException
{
Expand Down Expand Up @@ -1294,6 +1360,8 @@ else if ( eventType == END_TAG )
}
}



public int nextTag()
throws XmlPullParserException, IOException
{
Expand All @@ -1310,13 +1378,17 @@ public int nextTag()
return eventType;
}



public int next()
throws XmlPullParserException, IOException
{
tokenize = false;
return nextImpl();
}



public int nextToken()
throws XmlPullParserException, IOException
{
Expand Down Expand Up @@ -3012,6 +3084,7 @@ protected boolean parsePI()

try
{
boolean seenPITarget = false;
boolean seenQ = false;
char ch = more();
if ( isS( ch ) )
Expand All @@ -3026,6 +3099,11 @@ protected boolean parsePI()

if ( ch == '?' )
{
if ( !seenPITarget )
{
throw new XmlPullParserException( "processing instruction PITarget name not found", this,
null );
}
seenQ = true;
}
else if ( ch == '>' )
Expand All @@ -3034,7 +3112,18 @@ else if ( ch == '>' )
{
break; // found end sequence!!!!
}
seenQ = false;

if ( !seenPITarget )
{
throw new XmlPullParserException( "processing instruction PITarget name not found", this,
null );
}
else
{
// seenPITarget && !seenQ
throw new XmlPullParserException( "processing instruction started on line " + curLine
+ " and column " + curColumn + " was not closed", this, null );
}
}
else
{
Expand Down Expand Up @@ -3073,6 +3162,7 @@ else if ( ch == '>' )
}
}
}

seenQ = false;
}
if ( normalizeIgnorableWS )
Expand Down Expand Up @@ -3122,6 +3212,7 @@ else if ( ch == '\n' )
normalizedCR = false;
}
}
seenPITarget = true;
ch = more();
}
}
Expand Down
Loading

0 comments on commit 0fd61e2

Please sign in to comment.