okay, just for a sanity check on this, would something like this seem
to be the appropriate use of the SecurityManager to fulfill my needs
of not running out of memory?
SAXParser parser = new SAXParser();
parser.setFeature("http://xml.org/sax/features/validation";, true);
parser.setFeature("http://apache.org/xml/features/validation/schema";,
true);
parser.setFeature("http://apache.org/xml/features/validation/schema-full-checking";,
true);
.....
SecurityManager securityManager = new SecurityManager();
securityManager.setMaxOccurNodeLimit(5000);
parser.setProperty("http://apache.org/xml/properties/security-manager";,
securityManager);
thanks again
On 10/29/06, Michael Glavassevich <[EMAIL PROTECTED]> wrote:
Hi Paul,
You can avoid the OOM error by setting the JAXP secure processing feature
[1] or a SecurityManager [2][3]. This puts a limit on the maxOccurs values
in the schema. A fatal error is emitted if the limit is exceeded.
Thanks.
[1]
http://xerces.apache.org/xerces2-j/javadocs/api/javax/xml/XMLConstants.html#FEATURE_SECURE_PROCESSING
[2] http://xerces.apache.org/xerces2-j/properties.html#security-manager
[3]
http://xerces.apache.org/xerces2-j/javadocs/xerces2/org/apache/xerces/util/SecurityManager.html
Michael Glavassevich
XML Parser Development
IBM Toronto Lab
E-mail: [EMAIL PROTECTED]
E-mail: [EMAIL PROTECTED]
"Paul Tomsic" <[EMAIL PROTECTED]> wrote on 10/29/2006 11:10:17 PM:
> ah, of course. great catch. thank you.
> is there an obvious way to trap for this?
>
> i'm working for a large organization that tends to have 1000's of ppl
> that could be the maker of the XSD.
>
> short of me making an FAQ page of best-practices (which no one will
> read) can i programatically trap for this type of thing, as opposed to
> having minor issues like this occur, thus causing an OOM error?
>
> thanks again
>
>
> On 10/29/06, Michael Glavassevich <[EMAIL PROTECTED]> wrote:
> > Hi Paul,
> >
> > This happens because you have maxOccurs="50000" on "
> > originDestinationPair". The larger the value of maxOccurs the more
memory
> > Xerces requires to build the DFA representation of the content model.
If
> > the value is sufficiently large you'll run out of memory. The
workaround
> > for this limitation [1] has always been to change large maxOccurs
values
> > to unbounded.
> >
> > Thanks.
> >
> > [1] http://xerces.apache.org/xerces2-j/xml-schema.html
> >
> > Michael Glavassevich
> > XML Parser Development
> > IBM Toronto Lab
> > E-mail: [EMAIL PROTECTED]
> > E-mail: [EMAIL PROTECTED]
> >
> > "Paul Tomsic" <[EMAIL PROTECTED]> wrote on 10/27/2006 05:42:36 PM:
> >
> > > I think i've found a bug in xerces 2.8.1.
> > > I've attached a tarball that reproduces the error.
> > > The error is "OutOfMemoryError: Java heap space"
> > >
> > > the situation is an XML file points to a XSD which contains several
> > > "included" XSDs.
> > > one of those XSD's has a mismatched targetNamespace.
> > >
> > > While stepping thru the code in a debugger, it does find the problem
> > > and record the correct SAXParseException, but it continues to
traverse
> > > the tree of included XSDs, thus causing the heap space out of memory
> > > situation.
> > >
> > > hopefully it's something that i'm doing wrong, though. any
thoughts
> > helpful.
> > >
> > > To run the attached tarball, simply expand it, load up the "lib"
> > directory w/
> > > -xercesImpl 2.8.1
> > > -xml-apis 2.8.1
> > > -resolver - the version that ships w/ xerces 2.8.1
> > >
> > > then run the "run.sh" shell script.
> > >
> > > thanks
> > >
> > >
---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
