RFR: 8245: Improve XML processing

Virag Purnam vpurnam at openjdk.org
Mon Jul 29 15:17:04 UTC 2024


Fortify complains below issues:
1. Missing XML validation 
     ListVersions.java
     Preset.java
     StateToolkit.java
     TestRulesWithJfr.java
      XmlToolkit.java
2. XML Entity Expansion Injection:
     ListVersions.java
     Preset.java
     TestRulesWithJfr.java
      Transform.java
3. XML External Entity Injection 
     ListVersions.java
     TestRulesWithJfr.java

With this PR, all the above issues have been addressed.

-------------

Commit messages:
 - 8245: Improve XML processing

Changes: https://git.openjdk.org/jmc/pull/573/files
  Webrev: https://webrevs.openjdk.org/?repo=jmc&pr=573&range=00
  Issue: https://bugs.openjdk.org/browse/JMC-8245
  Stats: 22 lines in 6 files changed: 16 ins; 0 del; 6 mod
  Patch: https://git.openjdk.org/jmc/pull/573.diff
  Fetch: git fetch https://git.openjdk.org/jmc.git pull/573/head:pull/573

PR: https://git.openjdk.org/jmc/pull/573


More information about the jmc-dev mailing list