Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Won't Fix
-
2.5.0, 2.6.0
-
None
-
None
-
Solaris 2.8, Forte 6.2 patch 5, built from source for both 2.5.0 and 2.6.0
Description
I am writing some code to validate documents against a given schema:
parser = new XercesDOMParser;
errorHandler = new ValidatorErrorHandler;
parser->setErrorHandler(errorHandler);
parser->setValidationScheme(XercesDOMParser::Val_Always);
parser->setDoNamespaces(true);
parser->setDoSchema(true);
//parser->setExternalSchemaLocation(schemaLocationWithNS.c_str());
parser->setExternalNoNamespaceSchemaLocation(schemaLocation.c_str());
parser->cacheGrammarFromParse(true);
The code should override any schema declarations in the instance document.
It works as expected when no schema declarations are present, and also correctly overrides any noNameSpaceSchemaLocation declared in the document.
However, if the document contains a schemaLocation declaration, then the code above fails to override it and the schema is loaded from the location contained in the document.
Here is a sample declaration:
<rootElement xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://exploit.com/schema http://www.exploit.com/schemas/exploitSchema.xsd"/>
I am flagging this as cricital because of the possible security considerations. Instance documents should not be able to override the schema location declared by the program, since it then becomes a trivial matter to pass untrusted data to a program which is expecting validated input.
Note that using the commented-out line above to set the schema location in the program also fails to override the document setting.