Back to index...

	/*
	* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/
	package jdk.xml.internal;

	import java.io.File;
	import java.io.FileInputStream;
	import java.io.FileNotFoundException;
	import java.io.IOException;
	import java.io.InputStream;
	import java.net.URL;
	import java.security.AccessController;
	import java.security.CodeSource;
	import java.security.PrivilegedAction;
	import java.security.PrivilegedActionException;
	import java.security.PrivilegedExceptionAction;
	import java.text.MessageFormat;
	import java.util.Locale;
	import java.util.MissingResourceException;
	import java.util.Properties;
	import java.util.ResourceBundle;

	/**
	* This class contains utility methods for reading resources in the JAXP packages
	*/
	public class SecuritySupport {
	public final static String NEWLINE = System.lineSeparator();

	/**
	* Cache for properties in java.home/conf/jaxp.properties
	*/
	static final Properties cacheProps = new Properties();

	/**
	* Flag indicating whether java.home/conf/jaxp.properties has been read
	*/
	static volatile boolean firstTime = true;

	private SecuritySupport() {}

	public static String getErrorMessage(Locale locale, String bundle, String key,
	Object[] arguments) {
	ResourceBundle rb;
	if (locale != null) {
	rb = ResourceBundle.getBundle(bundle,locale);
	} else {
	rb = ResourceBundle.getBundle(bundle);
	}

	String msg = rb.getString(key);
	if (arguments != null) {
	msg = MessageFormat.format(msg, arguments);
	}
	return msg;
	}

	/**
	* Reads a system property with privilege
	*
	* @param propName the name of the property
	* @return the value of the property
	*/
	public static String getSystemProperty(final String propName) {
	return
	AccessController.doPrivileged(
	(PrivilegedAction<String>) () -> System.getProperty(propName));
	}

	/**
	* Reads a system property with privilege
	*
	* @param propName the name of the property
	* @return the value of the property
	*/
	public static String getSystemProperty(final String propName, String defValue) {
	String value = getSystemProperty(propName);
	if (value == null) {
	return defValue;
	}
	return value;
	}

	/**
	* Reads a system property with specified type.
	*
	* @param <T> the type of the property value
	* @param type the type of the property value
	* @param propName the name of the property
	* @param defValue the default value
	* @return the value of the property, or the default value if no system
	* property is found
	*/
	public static <T> T getSystemProperty(Class<T> type, String propName, String defValue) {
	String value = getSystemProperty(propName);
	if (value == null) {
	value = defValue;
	}
	if (Integer.class.isAssignableFrom(type)) {
	return type.cast(Integer.parseInt(value));
	} else if (Boolean.class.isAssignableFrom(type)) {
	return type.cast(Boolean.parseBoolean(value));
	}
	return type.cast(value);
	}

	/**
	* Reads JAXP system property in this order: system property,
	* $java.home/conf/jaxp.properties if the system property is not specified
	*
	* @param <T> the type of the property value
	* @param type the type of the property value
	* @param propName the name of the property
	* @param defValue the default value
	* @return the value of the property, or the default value if no system
	* property is found
	*/
	public static <T> T getJAXPSystemProperty(Class<T> type, String propName, String defValue) {
	String value = getJAXPSystemProperty(propName);
	if (value == null) {
	value = defValue;
	}
	if (Integer.class.isAssignableFrom(type)) {
	return type.cast(Integer.parseInt(value));
	} else if (Boolean.class.isAssignableFrom(type)) {
	return type.cast(Boolean.parseBoolean(value));
	}
	return type.cast(value);
	}

	/**
	* Reads JAXP system property in this order: system property,
	* $java.home/conf/jaxp.properties if the system property is not specified
	*
	* @param propName the name of the property
	* @return the value of the property
	*/
	public static String getJAXPSystemProperty(String propName) {
	String value = getSystemProperty(propName);
	if (value == null) {
	value = readJAXPProperty(propName);
	}
	return value;
	}

	/**
	* Reads the specified property from $java.home/conf/jaxp.properties
	*
	* @param propName the name of the property
	* @return the value of the property
	*/
	public static String readJAXPProperty(String propName) {
	String value = null;
	InputStream is = null;
	try {
	if (firstTime) {
	synchronized (cacheProps) {
	if (firstTime) {
	String configFile = getSystemProperty("java.home") + File.separator
	+ "conf" + File.separator + "jaxp.properties";
	File f = new File(configFile);
	if (isFileExists(f)) {
	is = getFileInputStream(f);
	cacheProps.load(is);
	}
	firstTime = false;
	}
	}
	}
	value = cacheProps.getProperty(propName);

	} catch (IOException ex) {
	} finally {
	if (is != null) {
	try {
	is.close();
	} catch (IOException ex) {}
	}
	}

	return value;
	}

	/**
	* Tests whether the file denoted by this abstract pathname is a directory.
	* @param f the file to be tested
	* @return true if it is a directory, false otherwise
	*/
	public static boolean isDirectory(final File f) {
	return (AccessController.doPrivileged((PrivilegedAction<Boolean>) ()
	-> f.isDirectory()));
	}

	/**
	* Tests whether the file exists.
	*
	* @param f the file to be tested
	* @return true if the file exists, false otherwise
	*/
	public static boolean isFileExists(final File f) {
	return (AccessController.doPrivileged((PrivilegedAction<Boolean>) ()
	-> f.exists()));
	}

	/**
	* Creates and returns a new FileInputStream from a file.
	* @param file the specified file
	* @return the FileInputStream
	* @throws FileNotFoundException if the file is not found
	*/
	public static FileInputStream getFileInputStream(final File file)
	throws FileNotFoundException {
	try {
	return AccessController.doPrivileged((PrivilegedExceptionAction<FileInputStream>) ()
	-> new FileInputStream(file));
	} catch (PrivilegedActionException e) {
	throw (FileNotFoundException) e.getException();
	}
	}

	/**
	* Returns the resource as a stream.
	* @param name the resource name
	* @return the resource stream
	*/
	public static InputStream getResourceAsStream(final String name) {
	return AccessController.doPrivileged((PrivilegedAction<InputStream>) () ->
	SecuritySupport.class.getResourceAsStream("/"+name));
	}

	/**
	* Gets a resource bundle using the specified base name, the default locale, and the caller's class loader.
	* @param bundle the base name of the resource bundle, a fully qualified class name
	* @return a resource bundle for the given base name and the default locale
	*/
	public static ResourceBundle getResourceBundle(String bundle) {
	return getResourceBundle(bundle, Locale.getDefault());
	}

	/**
	* Gets a resource bundle using the specified base name and locale, and the caller's class loader.
	* @param bundle the base name of the resource bundle, a fully qualified class name
	* @param locale the locale for which a resource bundle is desired
	* @return a resource bundle for the given base name and locale
	*/
	public static ResourceBundle getResourceBundle(final String bundle, final Locale locale) {
	return AccessController.doPrivileged((PrivilegedAction<ResourceBundle>) () -> {
	try {
	return ResourceBundle.getBundle(bundle, locale);
	} catch (MissingResourceException e) {
	try {
	return ResourceBundle.getBundle(bundle, new Locale("en", "US"));
	} catch (MissingResourceException e2) {
	throw new MissingResourceException(
	"Could not load any resource bundle by " + bundle, bundle, "");
	}
	}
	});
	}

	/**
	* Checks whether the file exists.
	* @param f the specified file
	* @return true if the file exists, false otherwise
	*/
	public static boolean doesFileExist(final File f) {
	return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () -> f.exists()));
	}

	/**
	* Checks the LastModified attribute of a file.
	* @param f the specified file
	* @return the LastModified attribute
	*/
	static long getLastModified(final File f) {
	return (AccessController.doPrivileged((PrivilegedAction<Long>) () -> f.lastModified()));
	}

	/**
	* Strip off path from an URI
	*
	* @param uri an URI with full path
	* @return the file name only
	*/
	public static String sanitizePath(String uri) {
	if (uri == null) {
	return "";
	}
	int i = uri.lastIndexOf("/");
	if (i > 0) {
	return uri.substring(i+1, uri.length());
	}
	return "";
	}

	/**
	* Check the protocol used in the systemId against allowed protocols
	*
	* @param systemId the Id of the URI
	* @param allowedProtocols a list of allowed protocols separated by comma
	* @param accessAny keyword to indicate allowing any protocol
	* @return the name of the protocol if rejected, null otherwise
	*/
	public static String checkAccess(String systemId, String allowedProtocols,
	String accessAny) throws IOException {
	if (systemId == null \|\| (allowedProtocols != null &&
	allowedProtocols.equalsIgnoreCase(accessAny))) {
	return null;
	}

	String protocol;
	if (!systemId.contains(":")) {
	protocol = "file";
	} else {
	URL url = new URL(systemId);
	protocol = url.getProtocol();
	if (protocol.equalsIgnoreCase("jar")) {
	String path = url.getPath();
	protocol = path.substring(0, path.indexOf(":"));
	} else if (protocol.equalsIgnoreCase("jrt")) {
	// if the systemId is "jrt" then allow access if "file" allowed
	protocol = "file";
	}
	}

	if (isProtocolAllowed(protocol, allowedProtocols)) {
	//access allowed
	return null;
	} else {
	return protocol;
	}
	}

	/**
	* Check if the protocol is in the allowed list of protocols. The check
	* is case-insensitive while ignoring whitespaces.
	*
	* @param protocol a protocol
	* @param allowedProtocols a list of allowed protocols
	* @return true if the protocol is in the list
	*/
	private static boolean isProtocolAllowed(String protocol, String allowedProtocols) {
	if (allowedProtocols == null) {
	return false;
	}
	String temp[] = allowedProtocols.split(",");
	for (String t : temp) {
	t = t.trim();
	if (t.equalsIgnoreCase(protocol)) {
	return true;
	}
	}
	return false;
	}

	public static ClassLoader getContextClassLoader() {
	return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
	ClassLoader cl = Thread.currentThread().getContextClassLoader();
	if (cl == null)
	cl = ClassLoader.getSystemClassLoader();
	return cl;
	});
	}


	public static ClassLoader getSystemClassLoader() {
	return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
	ClassLoader cl = null;
	try {
	cl = ClassLoader.getSystemClassLoader();
	} catch (SecurityException ex) {
	}
	return cl;
	});
	}

	public static ClassLoader getParentClassLoader(final ClassLoader cl) {
	return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> {
	ClassLoader parent = null;
	try {
	parent = cl.getParent();
	} catch (SecurityException ex) {
	}

	// eliminate loops in case of the boot
	// ClassLoader returning itself as a parent
	return (parent == cl) ? null : parent;
	});
	}


	// Used for debugging purposes
	public static String getClassSource(Class<?> cls) {
	return AccessController.doPrivileged((PrivilegedAction<String>) () -> {
	CodeSource cs = cls.getProtectionDomain().getCodeSource();
	if (cs != null) {
	URL loc = cs.getLocation();
	return loc != null ? loc.toString() : "(no location)";
	} else {
	return "(no code source)";
	}
	});
	}

	// ---------------- For SAX ----------------------
	/**
	* Returns the current thread's context class loader, or the system class loader
	* if the context class loader is null.
	* @return the current thread's context class loader, or the system class loader
	* @throws SecurityException
	*/
	public static ClassLoader getClassLoader() throws SecurityException{
	return AccessController.doPrivileged((PrivilegedAction<ClassLoader>)() -> {
	ClassLoader cl = Thread.currentThread().getContextClassLoader();
	if (cl == null) {
	cl = ClassLoader.getSystemClassLoader();
	}

	return cl;
	});
	}

	public static InputStream getResourceAsStream(final ClassLoader cl, final String name)
	{
	return AccessController.doPrivileged((PrivilegedAction<InputStream>) () -> {
	InputStream ris;
	if (cl == null) {
	ris = SecuritySupport.class.getResourceAsStream(name);
	} else {
	ris = cl.getResourceAsStream(name);
	}
	return ris;
	});
	}
	}

Back to index...