mirror of https://github.com/apache/cloudstack.git
Refactor XML parsing to use safer document builders in multiple classes (#12129)
Co-authored-by: chenyoulong20g@ict.ac.cn <chenyoulong20g@ict.ac.cn>
This commit is contained in:
YoulongChen
GitHub
parent
4f74937855
commit
77cb0827d3
|
|
@ -42,6 +42,7 @@ import org.apache.cloudstack.storage.datastore.client.ScaleIOGatewayClient;
|
||||||
import org.apache.cloudstack.storage.datastore.util.ScaleIOUtil;
|
import org.apache.cloudstack.storage.datastore.util.ScaleIOUtil;
|
||||||
import org.apache.cloudstack.storage.to.PrimaryDataStoreTO;
|
import org.apache.cloudstack.storage.to.PrimaryDataStoreTO;
|
||||||
import org.apache.cloudstack.storage.to.VolumeObjectTO;
|
import org.apache.cloudstack.storage.to.VolumeObjectTO;
|
||||||
|
import org.apache.cloudstack.utils.security.ParserUtils;
|
||||||
import org.apache.commons.lang3.ArrayUtils;
|
import org.apache.commons.lang3.ArrayUtils;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.libvirt.Connect;
|
import org.libvirt.Connect;
|
||||||
|
|
@ -216,7 +217,7 @@ public class LibvirtMigrateVolumeCommandWrapper extends CommandWrapper<MigrateVo
|
||||||
|
|
||||||
private String generateDestinationDiskLabel(String diskXml) throws ParserConfigurationException, IOException, SAXException {
|
private String generateDestinationDiskLabel(String diskXml) throws ParserConfigurationException, IOException, SAXException {
|
||||||
|
|
||||||
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory dbFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
|
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
|
||||||
Document doc = dBuilder.parse(new ByteArrayInputStream(diskXml.getBytes("UTF-8")));
|
Document doc = dBuilder.parse(new ByteArrayInputStream(diskXml.getBytes("UTF-8")));
|
||||||
doc.getDocumentElement().normalize();
|
doc.getDocumentElement().normalize();
|
||||||
|
|
@ -230,7 +231,7 @@ public class LibvirtMigrateVolumeCommandWrapper extends CommandWrapper<MigrateVo
|
||||||
protected String generateDestinationDiskXML(Domain dm, String srcVolumeId, String diskFilePath, String destSecretUUID) throws LibvirtException, ParserConfigurationException, IOException, TransformerException, SAXException {
|
protected String generateDestinationDiskXML(Domain dm, String srcVolumeId, String diskFilePath, String destSecretUUID) throws LibvirtException, ParserConfigurationException, IOException, TransformerException, SAXException {
|
||||||
final String domXml = dm.getXMLDesc(0);
|
final String domXml = dm.getXMLDesc(0);
|
||||||
|
|
||||||
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory dbFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
|
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
|
||||||
Document doc = dBuilder.parse(new ByteArrayInputStream(domXml.getBytes("UTF-8")));
|
Document doc = dBuilder.parse(new ByteArrayInputStream(domXml.getBytes("UTF-8")));
|
||||||
doc.getDocumentElement().normalize();
|
doc.getDocumentElement().normalize();
|
||||||
|
|
|
||||||
|
|
@ -429,7 +429,7 @@ public class DatabaseConfig {
|
||||||
try {
|
try {
|
||||||
final File configFile = new File(_configFileName);
|
final File configFile = new File(_configFileName);
|
||||||
|
|
||||||
SAXParserFactory spfactory = SAXParserFactory.newInstance();
|
SAXParserFactory spfactory = ParserUtils.getSaferSAXParserFactory();
|
||||||
final SAXParser saxParser = spfactory.newSAXParser();
|
final SAXParser saxParser = spfactory.newSAXParser();
|
||||||
final DbConfigXMLHandler handler = new DbConfigXMLHandler();
|
final DbConfigXMLHandler handler = new DbConfigXMLHandler();
|
||||||
handler.setParent(this);
|
handler.setParent(this);
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,7 @@ import javax.xml.parsers.DocumentBuilderFactory;
|
||||||
import javax.xml.parsers.ParserConfigurationException;
|
import javax.xml.parsers.ParserConfigurationException;
|
||||||
|
|
||||||
import org.apache.logging.log4j.Logger;
|
import org.apache.logging.log4j.Logger;
|
||||||
|
import org.apache.cloudstack.utils.security.ParserUtils;
|
||||||
import org.apache.logging.log4j.LogManager;
|
import org.apache.logging.log4j.LogManager;
|
||||||
import org.w3c.dom.DOMException;
|
import org.w3c.dom.DOMException;
|
||||||
import org.w3c.dom.DOMImplementation;
|
import org.w3c.dom.DOMImplementation;
|
||||||
|
|
@ -67,7 +68,7 @@ public class VsmCommand {
|
||||||
public static String getAddPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid, String vdc, String espName) {
|
public static String getAddPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid, String vdc, String espName) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -100,7 +101,7 @@ public class VsmCommand {
|
||||||
public static String getAddPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid) {
|
public static String getAddPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -133,7 +134,7 @@ public class VsmCommand {
|
||||||
public static String getUpdatePortProfile(String name, SwitchPortMode mode, List<Pair<VsmCommand.OperationType, String>> params) {
|
public static String getUpdatePortProfile(String name, SwitchPortMode mode, List<Pair<VsmCommand.OperationType, String>> params) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -166,7 +167,7 @@ public class VsmCommand {
|
||||||
public static String getDeletePortProfile(String portName) {
|
public static String getDeletePortProfile(String portName) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -199,7 +200,7 @@ public class VsmCommand {
|
||||||
public static String getAddPolicyMap(String name, int averageRate, int maxRate, int burstRate) {
|
public static String getAddPolicyMap(String name, int averageRate, int maxRate, int burstRate) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -232,7 +233,7 @@ public class VsmCommand {
|
||||||
public static String getDeletePolicyMap(String name) {
|
public static String getDeletePolicyMap(String name) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -265,7 +266,7 @@ public class VsmCommand {
|
||||||
public static String getServicePolicy(String policyMap, String portProfile, boolean attach) {
|
public static String getServicePolicy(String policyMap, String portProfile, boolean attach) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -297,7 +298,7 @@ public class VsmCommand {
|
||||||
|
|
||||||
public static String getPortProfile(String name) {
|
public static String getPortProfile(String name) {
|
||||||
try {
|
try {
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -334,7 +335,7 @@ public class VsmCommand {
|
||||||
|
|
||||||
public static String getPolicyMap(String name) {
|
public static String getPolicyMap(String name) {
|
||||||
try {
|
try {
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
@ -367,7 +368,7 @@ public class VsmCommand {
|
||||||
|
|
||||||
public static String getHello() {
|
public static String getHello() {
|
||||||
try {
|
try {
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
|
|
||||||
|
|
@ -395,7 +396,7 @@ public class VsmCommand {
|
||||||
public static String getVServiceNode(String vlanId, String ipAddr) {
|
public static String getVServiceNode(String vlanId, String ipAddr) {
|
||||||
try {
|
try {
|
||||||
// Create the document and root element.
|
// Create the document and root element.
|
||||||
DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
|
DocumentBuilderFactory docFactory = ParserUtils.getSaferDocumentBuilderFactory();
|
||||||
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
|
||||||
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
DOMImplementation domImpl = docBuilder.getDOMImplementation();
|
||||||
Document doc = createDocument(domImpl);
|
Document doc = createDocument(domImpl);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue