Created
October 24, 2016 16:16
Parsing xxe-test\src\main\resources\test.xml | |
setDocumentLocator com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser$LocatorProxy@783f472b | |
startDocument | |
fatal org.xml.sax.SAXParseException; systemId: file:xxe-test/src/main/resources/test.xml; lineNumber: 2; columnNumber: 10; DOCTYPE is disallowed when the feature "http://apache.org/xml/features/disallow-doctype-decl" set to true. | |
startElement <,,log4j:configuration> | |
data "\n " | |
startElement <,,test> | |
endElement </test> | |
data "\n " | |
startElement <,,test2> | |
data "&" | |
endElement </test2> | |
data "\n " | |
startElement <,,test3> | |
data "int-resolved" << ---------- | |
endElement </test3> | |
data "\n" | |
endElement </log4j:configuration> | |
endDocument | |
Done. |
package net.eckenfels.test.xxe; | |
import java.io.File; | |
import java.io.IOException; | |
import org.xml.sax.Attributes; | |
import org.xml.sax.ContentHandler; | |
import org.xml.sax.DTDHandler; | |
import org.xml.sax.EntityResolver; | |
import org.xml.sax.ErrorHandler; | |
import org.xml.sax.InputSource; | |
import org.xml.sax.Locator; | |
import org.xml.sax.SAXException; | |
import org.xml.sax.SAXParseException; | |
import org.xml.sax.XMLReader; | |
import org.xml.sax.helpers.XMLReaderFactory; | |
public class ReaderTests
{
    /**
     * Echoing SAX sink: prints every callback it receives so the event stream
     * emitted by the reader configured in {@link ReaderTests#main(String[])}
     * can be read off the console. Warnings and errors go to stderr, all other
     * events to stdout. Holds no state.
     */
    static class Handler implements ContentHandler, DTDHandler, EntityResolver, ErrorHandler
    {
        /** Emits one event line on stdout. */
        private static void event(String line)
        {
            System.out.println(line);
        }

        /** Emits one diagnostic line on stderr. */
        private static void diagnostic(String line)
        {
            System.err.println(line);
        }

        /**
         * Logs the lookup and returns {@code null}, which tells the parser to
         * fall back to its own resolution of {@code systemId}.
         */
        @Override
        public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException
        {
            event("resolveEntity " + publicId + "," + systemId);
            return null;
        }

        @Override
        public void notationDecl(String name, String publicId, String systemId) throws SAXException
        {
            event("notationDecl " + name + "," + publicId + "," + systemId);
        }

        @Override
        public void unparsedEntityDecl(String name, String publicId, String systemId, String notationName) throws SAXException
        {
            event("unparsedEntityDecl " + name + "," + publicId + "," + systemId + "," + notationName);
        }

        @Override
        public void setDocumentLocator(Locator locator)
        {
            event("setDocumentLocator " + locator);
        }

        @Override
        public void startDocument() throws SAXException
        {
            event("startDocument");
        }

        @Override
        public void endDocument() throws SAXException
        {
            event("endDocument");
        }

        @Override
        public void startPrefixMapping(String prefix, String uri) throws SAXException
        {
            event("startPrefixMapping " + prefix + "," + uri);
        }

        @Override
        public void endPrefixMapping(String prefix) throws SAXException
        {
            event("endPrefixMapping " + prefix);
        }

        /** Prints only the (uri, localName, qName) triple; attributes are not shown. */
        @Override
        public void startElement(String uri, String localName, String qName, Attributes atts) throws SAXException
        {
            event("startElement <" + uri + "," + localName + "," + qName + ">");
        }

        @Override
        public void endElement(String uri, String localName, String qName) throws SAXException
        {
            event("endElement </" + qName + ">");
        }

        /**
         * Prints the text chunk with CR and LF escaped so each chunk occupies
         * exactly one output line. Entity expansion has already happened by
         * the time this fires, so expanded entity text appears here as plain
         * data (the captured run in this gist shows "int-resolved" this way).
         */
        @Override
        public void characters(char[] ch, int start, int length) throws SAXException
        {
            String text = new String(ch, start, length);
            text = text.replace("\n", "\\n");
            text = text.replace("\r", "\\r");
            event(" data \"" + text + "\"");
        }

        /** Marks ignorable whitespace with a single space and no line break. */
        @Override
        public void ignorableWhitespace(char[] ch, int start, int length) throws SAXException
        {
            System.out.print(" ");
        }

        /** Marks a processing instruction with "!" and no line break. */
        @Override
        public void processingInstruction(String target, String data) throws SAXException
        {
            System.out.print("!");
        }

        @Override
        public void skippedEntity(String name) throws SAXException
        {
            event("skippedEntity " + name);
        }

        @Override
        public void warning(SAXParseException exception) throws SAXException
        {
            diagnostic("warn " + exception);
        }

        @Override
        public void error(SAXParseException exception) throws SAXException
        {
            diagnostic("error " + exception);
        }

        /**
         * Reports the fatal error and returns without rethrowing. Together with
         * the continue-after-fatal-error feature enabled in
         * {@link ReaderTests#main(String[])}, this is what lets the reader carry
         * on past a rejected DOCTYPE instead of aborting the parse.
         */
        @Override
        public void fatalError(SAXParseException exception) throws SAXException
        {
            diagnostic("fatal " + exception);
        }
    }

    /**
     * Parses {@code src/main/resources/test.xml} (resolved against the working
     * directory) with a reader that disallows DOCTYPE and disables external DTD
     * and external entity loading, but also enables
     * {@code continue-after-fatal-error}. With that last feature on, the DOCTYPE
     * rejection reaches {@link Handler#fatalError} as a reported error only, and
     * the reader keeps delivering the rest of the document to the content
     * handler, including text produced by internal entity expansion.
     *
     * @param args unused
     * @throws SAXException if the reader cannot be created, a feature is not
     *                      recognized or supported, or a parse error is not
     *                      absorbed by the error handler
     * @throws IOException  if the document cannot be read
     */
    public static void main(String[] args) throws SAXException, IOException
    {
        Handler handler = new Handler();
        XMLReader reader = XMLReaderFactory.createXMLReader();
        //reader.setProperty("http://xml.org/sax/properties/lexical-handler", handler);
        reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        reader.setFeature("http://xml.org/sax/features/namespaces", false);
        // The setting under test: the reader continues past the fatal error that
        // disallow-doctype-decl (next line) raises, instead of stopping there.
        reader.setFeature("http://apache.org/xml/features/continue-after-fatal-error", true); // !
        reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        reader.setFeature("http://xml.org/sax/features/external-general-entities", false);
        // Only the content and error callbacks are wired up; the DTD and entity
        // resolver callbacks of Handler are deliberately left unregistered.
        reader.setContentHandler(handler);
        //reader.setDTDHandler(handler);
        //reader.setEntityResolver(handler);
        reader.setErrorHandler(handler);

        File input = new File("src/main/resources/test.xml").getAbsoluteFile();
        System.out.println("Parsing " + input);
        reader.parse(input.toURI().toString());
        System.out.println("Done.");
    }
}
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd" [ | |
<!ENTITY ext SYSTEM "test.txt"> | |
<!ENTITY int 'int-resolved'> | |
]> | |
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false"> | |
<test>&ext;</test> | |
<test2>&</test2> | |
<test3>∫</test3> | |
</log4j:configuration> |