Merge pull request diffblue#547 from diffblue/add_XXE_models_library

SEC-633: Added XXE models library.

Author: marek-trtik

benchmarks/LIBRARIES/javax_xxe_library/.gitignore

@@ -0,0 +1 @@
+target

benchmarks/LIBRARIES/javax_xxe_library/pom.xml

@@ -0,0 +1,63 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>javax.xml.stream</groupId>
+  <artifactId>XXE</artifactId>
+  <version>1.0</version>
+  <packaging>jar</packaging>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+  </properties>
+
+  <name>CProver JDK XXE Models</name>
+
+  <!-- Tell javadoc plugin not to fail on warnings -->
+  <profiles>
+    <profile>
+      <id>java8-doclint-disabled</id>
+      <activation>
+        <jdk>[1.8,)</jdk>
+      </activation>
+      <properties>
+        <javadoc.opts>-Xdoclint:none</javadoc.opts>
+      </properties>
+    </profile>
+  </profiles>
+
+  <build>
+    <finalName>javax_xxe_models</finalName>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>3.6.1</version>
+        <configuration>
+          <compilerArguments>
+            <classpath>${java.home}/lib/rt.jar</classpath>
+          </compilerArguments>
+          <source>1.8</source>
+          <target>1.8</target>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-javadoc-plugin</artifactId>
+        <version>3.0.0-M1</version>
+        <configuration>
+          <outputDirectory>doc</outputDirectory>
+          <quiet>true</quiet>
+          <nosince>true</nosince>
+          <sourcepath>src/main/java</sourcepath>
+          <subpackages>java</subpackages>
+          <overview>src/main/overview.html</overview>
+          <windowtitle>Diffblue Library of XXE Models</windowtitle>
+          <doctitle>Diffblue Library of XXE Models</doctitle>
+          <!--No fail on warning-->
+          <additionalparam>${javadoc.opts}</additionalparam>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

benchmarks/LIBRARIES/javax_xxe_library/src/main/java/javax/xml/stream/DIFFBLUEXMLInputFactory.java

@@ -0,0 +1,138 @@
+package javax.xml.stream;
+
+import javax.xml.stream.util.XMLEventAllocator;
+import javax.xml.transform.Source;
+
+
+class DIFFBLUEXMLInputFactory extends XMLInputFactory {
+
+  public XMLStreamReader createXMLStreamReader(java.io.Reader reader)
+    throws XMLStreamException {
+    if (this.isSupportingExternalEntities == true)
+        return createXXEVulnerableXMLStreamReader(reader);
+    return new DIFFBLUEXMLStreamReader(reader);
+  }
+
+  private XMLStreamReader createXXEVulnerableXMLStreamReader(java.io.Reader reader)
+    throws XMLStreamException {
+    return new DIFFBLUEXMLStreamReader(reader);
+  }
+
+  public XMLStreamReader createXMLStreamReader(Source source)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLStreamReader createXMLStreamReader(java.io.InputStream stream)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLStreamReader createXMLStreamReader(java.io.InputStream stream, String encoding)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLStreamReader createXMLStreamReader(String systemId, java.io.InputStream stream)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLStreamReader createXMLStreamReader(String systemId, java.io.Reader reader)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(java.io.Reader reader)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(String systemId, java.io.Reader reader)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(XMLStreamReader reader)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(Source source)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(java.io.InputStream stream)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(java.io.InputStream stream, String encoding)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createXMLEventReader(String systemId, java.io.InputStream stream)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLStreamReader createFilteredReader(XMLStreamReader reader, StreamFilter filter)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLEventReader createFilteredReader(XMLEventReader reader, EventFilter filter)
+    throws XMLStreamException {
+    return null;
+  }
+
+  public XMLResolver getXMLResolver() {
+    return null;
+  }
+
+  public void  setXMLResolver(XMLResolver resolver) {
+  }
+
+  public XMLReporter getXMLReporter() {
+    return null;
+  }
+
+  public void setXMLReporter(XMLReporter reporter) {
+  }
+
+  public void setProperty(java.lang.String name, Object value)
+    throws java.lang.IllegalArgumentException {
+    if (name == "javax.xml.stream.isSupportingExternalEntities") {
+        if (value instanceof Boolean) {
+            if ((Boolean)value == true)
+                this.isSupportingExternalEntities = true;
+            else
+                this.isSupportingExternalEntities = false;
+        }
+    }
+  }
+
+  public Object getProperty(java.lang.String name)
+    throws java.lang.IllegalArgumentException {
+    if (name == "javax.xml.stream.isSupportingExternalEntities")
+        return new Boolean(this.isSupportingExternalEntities);
+    return new Boolean(false);
+  }
+
+
+  public boolean isPropertySupported(String name) {
+    return name == "javax.xml.stream.isSupportingExternalEntities";
+  }
+
+  public void setEventAllocator(XMLEventAllocator allocator) {
+  }
+
+  public XMLEventAllocator getEventAllocator() {
+    return null;
+  }
+
+  private boolean isSupportingExternalEntities;
+}
+