/usr/include/xercesc/util/SecurityManager.hpp is in libxerces-c-dev 3.1.3+debian-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | /*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* $Id: SecurityManager.hpp 673960 2008-07-04 08:50:12Z borisk $
*/
#if !defined(XERCESC_INCLUDE_GUARD_SECURITYMANAGER_HPP)
#define XERCESC_INCLUDE_GUARD_SECURITYMANAGER_HPP
#include <xercesc/util/XercesDefs.hpp>
XERCES_CPP_NAMESPACE_BEGIN
/**
* Allow application to force the parser to behave in a security-conscious
* way.
*
* <p> There are cases in which an XML- or XmL-schema-
* conformant processor can be presented with documents the
* processing of which can involve the consumption of
* prohibitive amounts of system resources. Applications can
* attach instances of this class to parsers that they've
* created, via the
* http://apache.org/xml/properties/security-manager property.
* </p>
*
* <p> Defaults will be provided for all known security holes.
* Setter methods will be provided on this class to ensure that
* an application can customize each limit as it chooses.
* Components that are vulnerable to any given hole need to be
* written to act appropriately when an instance of this class
* has been set on the calling parser.
* </p>
*/
class XMLUTIL_EXPORT SecurityManager
{
public:
enum { ENTITY_EXPANSION_LIMIT = 50000};
/** @name default Constructors */
//@{
/** Default constructor */
SecurityManager()
: fEntityExpansionLimit((XMLSize_t)ENTITY_EXPANSION_LIMIT)
{
}
/** Destructor */
virtual ~SecurityManager(){};
//@}
/** @name The Security Manager */
//@{
/**
* An application should call this method when it wishes to specify a particular
* limit to the number of entity expansions the parser will permit in a
* particular document. The default behaviour should allow the parser
* to validate nearly all XML non-malicious XML documents; if an
* application knows that it is operating in a domain where entities are
* uncommon, for instance, it may wish to provide a limit lower than the
* parser's default.
*
* @param newLimit the new entity expansion limit
*
*/
virtual void setEntityExpansionLimit(XMLSize_t newLimit)
{
fEntityExpansionLimit = newLimit;
}
/**
* Permits the application or a parser component to query the current
* limit for entity expansions.
*
* @return the current setting of the entity expansion limit
*
*/
virtual XMLSize_t getEntityExpansionLimit() const
{
return fEntityExpansionLimit;
}
//@}
protected:
XMLSize_t fEntityExpansionLimit;
private:
/* Unimplemented Constructors and operators */
/* Copy constructor */
SecurityManager(const SecurityManager&);
/** Assignment operator */
SecurityManager& operator=(const SecurityManager&);
};
XERCES_CPP_NAMESPACE_END
#endif
|