JDK-4988387 : validation.SchemaFactory: invalid XPath expression is allowed
  • Type: Bug
  • Component: xml
  • Sub-Component: jaxp
  • Affected Version: 5.0
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2004-02-04
  • Updated: 2012-04-25
  • Resolved: 2004-03-01
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
5.0 b41Fixed
Related Reports
Relates :  
JDK-8015092 - SchemaFactory cannot parse schema if whitespace added within patterns in Selector XPath expression
Description
Name: erR10175			Date: 02/04/2004


 
  The method 

public Schema newSchema(File schema) 

in the class javax.xml.validation.SchemaFactory does not detect 
invalid XPath expressions in identity-constraint (key/keyref/unique) field 
and selector values.

  The following expressions:

"./ /.", "| imp:sid", "xpns : *", "xpns :*"

violate BNFs specified for the selector and field attributes in XML Schema Structures, 
Section 3.11.6 Constraints on Identity-constraint Definition Schema Components.

The bug affects the following new JCK-15 beta2 tests adopted from W3C XSTC-20020116 testsuite:
    api/xml_schema/msxsdtest/identityConstraint/idJ030.html#idJ030
    api/xml_schema/msxsdtest/identityConstraint/idJ008.html#idJ008
    api/xml_schema/msxsdtest/identityConstraint/idJ017.html#idJ017
    api/xml_schema/msxsdtest/identityConstraint/idJ015.html#idJ015
    api/xml_schema/msxsdtest/identityConstraint/idI022.html#idI022
    api/xml_schema/msxsdtest/identityConstraint/idI016.html#idI016
    api/xml_schema/msxsdtest/identityConstraint/idI014.html#idI014
    api/xml_schema/msxsdtest/identityConstraint/idI007.html#idI007

The bug is found in jdk1.5.0/beta/b35.

To reproduce the bug compile and run the following code as shown in the log below. 
------------------------------------------- test.xsd
<?xml version="1.0"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <xsd:element name="root">
                <xsd:complexType>
                        <xsd:sequence>
                                <xsd:element ref="tid" maxOccurs="unbounded"/>
                        </xsd:sequence>
                </xsd:complexType>
                <xsd:unique name="uid">
                        <xsd:selector xpath=".//tid"/>
                        <xsd:field xpath="./ /."/>
                </xsd:unique>
        </xsd:element>
        <xsd:element name="tid" type="xsd:string"/>
</xsd:schema>
----------------------------------------------------

------------------------------------------ test.java
import java.io.File;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
import org.xml.sax.helpers.DefaultHandler;
import javax.xml.validation.SchemaFactory;

public class test {

    protected static class ErrorHandler extends DefaultHandler {
        public int errorCounter = 0;

        public void error(SAXParseException e) throws SAXException {
            System.out.println(e);
            errorCounter++;
        }

        public void fatalError(SAXParseException e) throws SAXException {
            System.out.println(e);
            errorCounter++;
        }
    }

    public static void main(String [] args) {
        SchemaFactory schemaFactory =
                SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");

        ErrorHandler errorHandler = new ErrorHandler();
        schemaFactory.setErrorHandler(errorHandler);

        try {
            schemaFactory.newSchema(new File(args[0]));
        } catch (SAXException e) {
            exit(1, "Fatal Error: " + e);
        }

        if (errorHandler.errorCounter == 0) {
            exit(1, "Failed: " + args[0] + " is valid");
        } else {
            exit(0, "Passed.");
        }
    }

    public static void exit(int errCode, String msg) {
        System.out.println(msg);
        System.exit(errCode);
    }
}
----------------------------------------------------

------------------------------------------------ log
$javac test.java && java -showversion test test.xsd 
java version "1.5.0-beta2"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta2-b35)
Java HotSpot(TM) Client VM (build 1.5.0-beta2-b35, mixed mode)

Failed: test.xsd is valid
----------------------------------------------------

======================================================================
Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: tiger-beta2 FIXED IN: tiger-beta2 INTEGRATED IN: tiger-b41 tiger-beta2 VERIFIED IN: tiger-beta2
14-06-2004
EVALUATION There is a problem in Xerces XPath class. Also note that the XPath part will be likely to allow whitespaces. See http://lists.w3.org/Archives/Public/www-xml-schema-comments/2001JulSep/0183.html ###@###.### 2004-02-05 Fixed in the Apache repository. (after 2.6.1) ###@###.### 2004-02-05 Bugfix is integrated into Tiger build b41 as part of JAXP integration on Feb 28, 2004 ###@###.### 2004-03-01
05-02-2004