From 3d1348533e68a06593a395d6a72061315dd3dcfb Mon Sep 17 00:00:00 2001
From: "Yuan.Wang" <1536296691@qq.com>
Date: Tue, 19 Sep 2023 10:27:57 +0800
Subject: [PATCH 1/2] =?UTF-8?q?REPORT-104378=20Apache=20XmI=20Graphics=20B?=
=?UTF-8?q?atik=20=E5=8D=87=E7=BA=A71.17?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
fine-xmlgraphics/xmlgraphics-batik/README.md | 2 +-
.../apache/batik/anim/AnimationEngine.java | 11 +--
.../anim/dom/AbstractSVGAnimatedValue.java | 4 +-
.../batik/anim/dom/SAXSVGDocumentFactory.java | 22 +++---
.../anim/dom/SVG12DOMImplementation.java | 12 ++--
.../apache/batik/anim/dom/SVGOMDocument.java | 21 +++---
.../apache/batik/apps/rasterizer/Main.java | 14 ++--
.../batik/apps/rasterizer/SVGConverter.java | 6 +-
.../batik/apps/svgbrowser/AboutDialog.java | 21 +++---
.../bridge/AbstractGraphicsNodeBridge.java | 11 +--
.../apache/batik/bridge/BridgeContext.java | 37 +++++-----
.../DefaultExternalResourceSecurity.java | 3 +
.../apache/batik/bridge/FlowTextPainter.java | 22 +++---
.../batik/bridge/SVGAElementBridge.java | 10 +--
.../org/apache/batik/bridge/SVGFontFace.java | 4 +-
.../apache/batik/bridge/SVGFontFamily.java | 9 +--
.../batik/bridge/SVGUseElementBridge.java | 13 ++--
.../org/apache/batik/bridge/SVGUtilities.java | 16 ++---
.../org/apache/batik/bridge/UserAgent.java | 11 +--
.../apache/batik/bridge/UserAgentAdapter.java | 2 +-
.../org.apache.batik.bridge.BridgeExtension | 24 +++++++
.../org.apache.batik.dom.DomExtension | 24 +++++++
.../org/apache/batik/extensions/README.txt | 13 ++++
.../batik/script/rhino/RhinoClassShutter.java | 57 ++--------------
.../apache/batik/svggen/DOMTreeManager.java | 12 ++--
.../transcoder/SVGAbstractTranscoder.java | 24 +++----
.../transcoder/image/ImageTranscoder.java | 20 +++---
.../transcoder/svg2svg/SVGTranscoder.java | 12 ++--
.../src/main/resources/NOTICE | 2 +-
.../dom/resources/UserAgentStyleSheet.css | 6 ++
.../anim/dom/resources/dtdids.properties | 68 +++++++++++++++++++
.../batik/anim/resources/Messages.properties | 28 ++++++++
32 files changed, 338 insertions(+), 203 deletions(-)
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.bridge.BridgeExtension
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.dom.DomExtension
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/org/apache/batik/extensions/README.txt
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/UserAgentStyleSheet.css
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/dtdids.properties
create mode 100644 fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/resources/Messages.properties
diff --git a/fine-xmlgraphics/xmlgraphics-batik/README.md b/fine-xmlgraphics/xmlgraphics-batik/README.md
index d7301f037..f43f4d33d 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/README.md
+++ b/fine-xmlgraphics/xmlgraphics-batik/README.md
@@ -1,2 +1,2 @@
源码地址:https://github.com/apache/xmlgraphics-batik
-版本:1.16
\ No newline at end of file
+版本:1.17
\ No newline at end of file
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/AnimationEngine.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/AnimationEngine.java
index e6ccbb5d9..166eba766 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/AnimationEngine.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/AnimationEngine.java
@@ -18,6 +18,11 @@
*/
package org.apache.batik.anim;
+import java.util.Calendar;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
import org.apache.batik.anim.dom.AnimationTarget;
import org.apache.batik.anim.dom.AnimationTargetListener;
import org.apache.batik.anim.timing.TimedDocumentRoot;
@@ -25,12 +30,8 @@ import org.apache.batik.anim.timing.TimedElement;
import org.apache.batik.anim.timing.TimegraphListener;
import org.apache.batik.anim.values.AnimatableValue;
import org.apache.batik.util.DoublyIndexedTable;
-import org.w3c.dom.Document;
-import java.util.Calendar;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
+import org.w3c.dom.Document;
/**
* An abstract base class for managing animation in a document.
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/AbstractSVGAnimatedValue.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/AbstractSVGAnimatedValue.java
index 56cad492e..8080540f3 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/AbstractSVGAnimatedValue.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/AbstractSVGAnimatedValue.java
@@ -18,10 +18,10 @@
*/
package org.apache.batik.anim.dom;
-import org.apache.batik.anim.values.AnimatableValue;
-
import java.util.LinkedList;
+import org.apache.batik.anim.values.AnimatableValue;
+
/**
* An abstract base class for the SVGAnimated*
classes, that
* implements an {@link AnimatedAttributeListener} list.
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SAXSVGDocumentFactory.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SAXSVGDocumentFactory.java
index d19267735..581ce906e 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SAXSVGDocumentFactory.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SAXSVGDocumentFactory.java
@@ -18,24 +18,26 @@
*/
package org.apache.batik.anim.dom;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.Reader;
+import java.io.StringReader;
+import java.net.MalformedURLException;
+import java.util.MissingResourceException;
+import java.util.Properties;
+
import org.apache.batik.dom.AbstractDocument;
import org.apache.batik.dom.svg.SVGDocumentFactory;
import org.apache.batik.dom.util.SAXDocumentFactory;
import org.apache.batik.util.MimeTypeConstants;
import org.apache.batik.util.ParsedURL;
-import org.w3c.dom.DOMImplementation;
-import org.w3c.dom.Document;
-import org.w3c.dom.svg.SVGDocument;
+
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.Reader;
-import java.io.StringReader;
-import java.net.MalformedURLException;
-import java.util.MissingResourceException;
-import java.util.Properties;
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.Document;
+import org.w3c.dom.svg.SVGDocument;
/**
* This class contains methods for creating SVGDocument instances
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVG12DOMImplementation.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVG12DOMImplementation.java
index 50d09532e..a3e30eed8 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVG12DOMImplementation.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVG12DOMImplementation.java
@@ -18,6 +18,9 @@
*/
package org.apache.batik.anim.dom;
+import java.net.URL;
+import java.util.HashMap;
+
import org.apache.batik.css.engine.CSSContext;
import org.apache.batik.css.engine.CSSEngine;
import org.apache.batik.css.engine.SVG12CSSEngine;
@@ -32,21 +35,20 @@ import org.apache.batik.dom.events.DocumentEventSupport;
import org.apache.batik.dom.events.EventSupport;
import org.apache.batik.dom.svg12.SVGOMWheelEvent;
import org.apache.batik.dom.svg12.XBLOMShadowTreeEvent;
+
import org.apache.batik.dom.util.DOMUtilities;
import org.apache.batik.util.ParsedURL;
import org.apache.batik.util.SVG12Constants;
import org.apache.batik.util.XBLConstants;
+
import org.w3c.css.sac.InputSource;
-import org.w3c.dom.DOMException;
-import org.w3c.dom.DOMImplementation;
import org.w3c.dom.Document;
import org.w3c.dom.DocumentType;
+import org.w3c.dom.DOMImplementation;
+import org.w3c.dom.DOMException;
import org.w3c.dom.Element;
import org.w3c.dom.events.Event;
-import java.net.URL;
-import java.util.HashMap;
-
/**
* This class implements the {@link DOMImplementation} interface.
* It provides support the SVG 1.2 documents.
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVGOMDocument.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVGOMDocument.java
index 3a7449100..26ef46e7a 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVGOMDocument.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/anim/dom/SVGOMDocument.java
@@ -18,7 +18,15 @@
*/
package org.apache.batik.anim.dom;
-import org.apache.batik.constants.XMLConstants;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.Locale;
+import java.util.MissingResourceException;
+
import org.apache.batik.css.engine.CSSNavigableDocument;
import org.apache.batik.css.engine.CSSNavigableDocumentListener;
import org.apache.batik.css.engine.CSSStylableElement;
@@ -41,6 +49,8 @@ import org.apache.batik.i18n.Localizable;
import org.apache.batik.i18n.LocalizableSupport;
import org.apache.batik.util.ParsedURL;
import org.apache.batik.util.SVGConstants;
+import org.apache.batik.constants.XMLConstants;
+
import org.w3c.dom.Attr;
import org.w3c.dom.CDATASection;
import org.w3c.dom.Comment;
@@ -63,15 +73,6 @@ import org.w3c.dom.svg.SVGDocument;
import org.w3c.dom.svg.SVGLangSpace;
import org.w3c.dom.svg.SVGSVGElement;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.Locale;
-import java.util.MissingResourceException;
-
/**
* This class implements {@link SVGDocument}.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/Main.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/Main.java
index a42f3e3cd..bbf492791 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/Main.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/Main.java
@@ -501,11 +501,11 @@ public class Main implements SVGConverterController {
public static String CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN_DESCRIPTION
= Messages.get("Main.cl.option.constrain.script.origin.description", "No description");
- public static String CL_OPTION_BLOCK_EXTERNAL_RESOURCES
- = Messages.get("Main.cl.option.block.external.resources", "-blockExternalResources");
+ public static String CL_OPTION_ALLOW_EXTERNAL_RESOURCES
+ = Messages.get("Main.cl.option.allow.external.resources", "-allowExternalResources");
- public static String CL_OPTION_BLOCK_EXTERNAL_RESOURCES_DESCRIPTION
- = Messages.get("Main.cl.option.block.external.resources.description", "No description");
+ public static String CL_OPTION_ALLOW_EXTERNAL_RESOURCES_DESCRIPTION
+ = Messages.get("Main.cl.option.allow.external.resources.description", "No description");
/**
* Option to turn off secure execution of scripts
@@ -836,14 +836,14 @@ public class Main implements SVGConverterController {
}
});
- optionMap.put(CL_OPTION_BLOCK_EXTERNAL_RESOURCES,
+ optionMap.put(CL_OPTION_ALLOW_EXTERNAL_RESOURCES,
new NoValueOptionHandler(){
public void handleOption(SVGConverter c){
- c.allowExternalResources = false;
+ c.allowExternalResources = true;
}
public String getOptionDescription(){
- return CL_OPTION_BLOCK_EXTERNAL_RESOURCES_DESCRIPTION;
+ return CL_OPTION_ALLOW_EXTERNAL_RESOURCES_DESCRIPTION;
}
});
}
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java
index 9ec213545..f2b10595a 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/rasterizer/SVGConverter.java
@@ -253,7 +253,7 @@ public class SVGConverter {
the document which references them. */
protected boolean constrainScriptOrigin = true;
- protected boolean allowExternalResources = true;
+ protected boolean allowExternalResources;
/** Controls whether scripts should be run securely or not */
protected boolean securityOff = false;
@@ -927,8 +927,8 @@ public class SVGConverter {
map.put(ImageTranscoder.KEY_CONSTRAIN_SCRIPT_ORIGIN, Boolean.FALSE);
}
- if (!allowExternalResources) {
- map.put(ImageTranscoder.KEY_ALLOW_EXTERNAL_RESOURCES, Boolean.FALSE);
+ if (allowExternalResources) {
+ map.put(ImageTranscoder.KEY_ALLOW_EXTERNAL_RESOURCES, Boolean.TRUE);
}
return map;
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/svgbrowser/AboutDialog.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/svgbrowser/AboutDialog.java
index e9275d7b4..538772643 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/svgbrowser/AboutDialog.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/apps/svgbrowser/AboutDialog.java
@@ -18,16 +18,6 @@
*/
package org.apache.batik.apps.svgbrowser;
-import org.apache.batik.Version;
-
-import javax.swing.BorderFactory;
-import javax.swing.ImageIcon;
-import javax.swing.JComponent;
-import javax.swing.JLabel;
-import javax.swing.JLayeredPane;
-import javax.swing.JWindow;
-import javax.swing.border.BevelBorder;
-import java.net.URL;
import java.awt.Color;
import java.awt.Dimension;
import java.awt.Frame;
@@ -37,6 +27,17 @@ import java.awt.event.KeyAdapter;
import java.awt.event.KeyEvent;
import java.awt.event.MouseAdapter;
import java.awt.event.MouseEvent;
+import java.net.URL;
+
+import javax.swing.BorderFactory;
+import javax.swing.ImageIcon;
+import javax.swing.JComponent;
+import javax.swing.JLabel;
+import javax.swing.JLayeredPane;
+import javax.swing.JWindow;
+import javax.swing.border.BevelBorder;
+
+import org.apache.batik.Version;
/**
* A dialog showing the revision of the Batik viewer as well
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/AbstractGraphicsNodeBridge.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/AbstractGraphicsNodeBridge.java
index 84e0673c0..65463804b 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/AbstractGraphicsNodeBridge.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/AbstractGraphicsNodeBridge.java
@@ -18,6 +18,11 @@
*/
package org.apache.batik.bridge;
+import java.awt.Shape;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Rectangle2D;
+import java.lang.ref.SoftReference;
+
import org.apache.batik.anim.dom.AnimatedLiveAttributeValue;
import org.apache.batik.anim.dom.SVGOMAnimatedTransformList;
import org.apache.batik.anim.dom.SVGOMElement;
@@ -32,6 +37,7 @@ import org.apache.batik.ext.awt.geom.SegmentList;
import org.apache.batik.gvt.CanvasGraphicsNode;
import org.apache.batik.gvt.CompositeGraphicsNode;
import org.apache.batik.gvt.GraphicsNode;
+
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.events.DocumentEvent;
@@ -40,11 +46,6 @@ import org.w3c.dom.events.MutationEvent;
import org.w3c.dom.svg.SVGFitToViewBox;
import org.w3c.dom.svg.SVGTransformable;
-import java.lang.ref.SoftReference;
-import java.awt.Shape;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Rectangle2D;
-
/**
* The base bridge class for SVG graphics node. By default, the namespace URI is
* the SVG namespace. Override the getNamespaceURI
if you want to add
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/BridgeContext.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/BridgeContext.java
index 169121dea..c72484b49 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/BridgeContext.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/BridgeContext.java
@@ -18,6 +18,23 @@
*/
package org.apache.batik.bridge;
+import java.awt.Cursor;
+import java.awt.geom.Dimension2D;
+import java.io.IOException;
+import java.io.InterruptedIOException;
+import java.lang.ref.SoftReference;
+import java.lang.ref.WeakReference;
+import java.net.MalformedURLException;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+import java.util.Set;
+import java.util.WeakHashMap;
+
import org.apache.batik.anim.dom.AnimatedAttributeListener;
import org.apache.batik.anim.dom.AnimatedLiveAttributeValue;
import org.apache.batik.anim.dom.SVGDOMImplementation;
@@ -26,7 +43,6 @@ import org.apache.batik.anim.dom.SVGOMElement;
import org.apache.batik.anim.dom.SVGStylableElement;
import org.apache.batik.bridge.svg12.SVG12BridgeContext;
import org.apache.batik.bridge.svg12.SVG12BridgeExtension;
-import org.apache.batik.constants.XMLConstants;
import org.apache.batik.css.engine.CSSContext;
import org.apache.batik.css.engine.CSSEngine;
import org.apache.batik.css.engine.CSSEngineEvent;
@@ -48,6 +64,8 @@ import org.apache.batik.util.CleanerThread;
import org.apache.batik.util.ParsedURL;
import org.apache.batik.util.SVGConstants;
import org.apache.batik.util.Service;
+import org.apache.batik.constants.XMLConstants;
+
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -58,23 +76,6 @@ import org.w3c.dom.events.MouseEvent;
import org.w3c.dom.events.MutationEvent;
import org.w3c.dom.svg.SVGDocument;
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.lang.ref.SoftReference;
-import java.lang.ref.WeakReference;
-import java.net.MalformedURLException;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.ListIterator;
-import java.util.Map;
-import java.util.Set;
-import java.util.WeakHashMap;
-import java.awt.Cursor;
-import java.awt.geom.Dimension2D;
-
/**
* This class represents a context used by the various bridges and the
* builder. A bridge context is associated to a particular document
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/DefaultExternalResourceSecurity.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/DefaultExternalResourceSecurity.java
index 8279a9a98..dc4e9d0d5 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/DefaultExternalResourceSecurity.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/DefaultExternalResourceSecurity.java
@@ -77,6 +77,9 @@ public class DefaultExternalResourceSecurity implements ExternalResourceSecurity
ParsedURL docURL){
// Make sure that the archives comes from the same host
// as the document itself
+ if (DATA_PROTOCOL.equals(externalResourceURL.getProtocol())) {
+ return;
+ }
if (docURL == null) {
se = new SecurityException
(Messages.formatMessage(ERROR_CANNOT_ACCESS_DOCUMENT_URL,
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/FlowTextPainter.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/FlowTextPainter.java
index 2843e23a0..41d2bdb6e 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/FlowTextPainter.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/FlowTextPainter.java
@@ -19,6 +19,17 @@
package org.apache.batik.bridge;
+import java.awt.font.FontRenderContext;
+import java.awt.font.TextAttribute;
+import java.text.AttributedCharacterIterator;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+import java.util.Arrays;
+
import org.apache.batik.gvt.flow.BlockInfo;
import org.apache.batik.gvt.flow.FlowRegions;
import org.apache.batik.gvt.flow.GlyphGroupInfo;
@@ -32,17 +43,6 @@ import org.apache.batik.gvt.font.GVTLineMetrics;
import org.apache.batik.gvt.font.MultiGlyphVector;
import org.apache.batik.gvt.text.GVTAttributedCharacterIterator;
-import java.text.AttributedCharacterIterator;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-import java.awt.font.FontRenderContext;
-import java.awt.font.TextAttribute;
-
/**
* One line Class Desc
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGAElementBridge.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGAElementBridge.java
index e9cd32d6a..09f62d090 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGAElementBridge.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGAElementBridge.java
@@ -18,22 +18,24 @@
*/
package org.apache.batik.bridge;
+import java.awt.Cursor;
+
+import java.util.List;
+
import org.apache.batik.anim.dom.SVGOMAElement;
import org.apache.batik.anim.dom.SVGOMAnimationElement;
import org.apache.batik.anim.dom.SVGOMDocument;
-import org.apache.batik.constants.XMLConstants;
import org.apache.batik.dom.events.AbstractEvent;
import org.apache.batik.dom.events.NodeEventTarget;
import org.apache.batik.gvt.GraphicsNode;
import org.apache.batik.util.ParsedURL;
+import org.apache.batik.constants.XMLConstants;
+
import org.w3c.dom.Element;
import org.w3c.dom.events.Event;
import org.w3c.dom.events.EventListener;
import org.w3c.dom.svg.SVGAElement;
-import java.util.List;
-import java.awt.Cursor;
-
/**
* Bridge class for the <a> element.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFace.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFace.java
index 151e3dfd1..4303645e3 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFace.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFace.java
@@ -18,11 +18,11 @@
*/
package org.apache.batik.bridge;
+import java.util.List;
+
import org.apache.batik.gvt.font.GVTFontFamily;
import org.w3c.dom.Element;
-import java.util.List;
-
/**
* This class represents a <font-face> element or @font-face rule
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFamily.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFamily.java
index 3116c0477..df27216fd 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFamily.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGFontFamily.java
@@ -18,19 +18,20 @@
*/
package org.apache.batik.bridge;
+import java.lang.ref.SoftReference;
+import java.text.AttributedCharacterIterator;
+import java.util.Map;
+
import org.apache.batik.gvt.font.GVTFont;
import org.apache.batik.gvt.font.GVTFontFace;
import org.apache.batik.gvt.font.GVTFontFamily;
import org.apache.batik.gvt.text.GVTAttributedCharacterIterator;
import org.apache.batik.util.SVGConstants;
+
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
-import java.lang.ref.SoftReference;
-import java.text.AttributedCharacterIterator;
-import java.util.Map;
-
/**
* A font family class for SVG fonts.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUseElementBridge.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUseElementBridge.java
index 62cc23eb1..2a6593aac 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUseElementBridge.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUseElementBridge.java
@@ -18,17 +18,23 @@
*/
package org.apache.batik.bridge;
+import java.awt.Cursor;
+import java.awt.RenderingHints;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Rectangle2D;
+
import org.apache.batik.anim.dom.AbstractSVGAnimatedLength;
import org.apache.batik.anim.dom.AnimatedLiveAttributeValue;
import org.apache.batik.anim.dom.SVGOMAnimatedLength;
import org.apache.batik.anim.dom.SVGOMDocument;
import org.apache.batik.anim.dom.SVGOMUseElement;
-import org.apache.batik.constants.XMLConstants;
import org.apache.batik.dom.events.NodeEventTarget;
import org.apache.batik.dom.svg.LiveAttributeException;
import org.apache.batik.dom.svg.SVGOMUseShadowRoot;
import org.apache.batik.gvt.CompositeGraphicsNode;
import org.apache.batik.gvt.GraphicsNode;
+import org.apache.batik.constants.XMLConstants;
+
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
@@ -38,11 +44,6 @@ import org.w3c.dom.events.EventListener;
import org.w3c.dom.svg.SVGTransformable;
import org.w3c.dom.svg.SVGUseElement;
-import java.awt.Cursor;
-import java.awt.RenderingHints;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Rectangle2D;
-
/**
* Bridge class for the <use> element.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUtilities.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUtilities.java
index 9e4a9f93c..7d52874da 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUtilities.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/SVGUtilities.java
@@ -18,6 +18,14 @@
*/
package org.apache.batik.bridge;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Point2D;
+import java.awt.geom.Rectangle2D;
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.StringTokenizer;
+
import org.apache.batik.css.engine.CSSEngine;
import org.apache.batik.dom.util.XLinkSupport;
import org.apache.batik.dom.util.XMLSupport;
@@ -36,14 +44,6 @@ import org.w3c.dom.svg.SVGElement;
import org.w3c.dom.svg.SVGLangSpace;
import org.w3c.dom.svg.SVGNumberList;
-import java.io.IOException;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.StringTokenizer;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Point2D;
-import java.awt.geom.Rectangle2D;
-
/**
* A collection of utility methods for SVG.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgent.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgent.java
index c4d9f5766..ace03a04b 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgent.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgent.java
@@ -18,17 +18,18 @@
*/
package org.apache.batik.bridge;
+import java.awt.Cursor;
+import java.awt.Point;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Dimension2D;
+
import org.apache.batik.gvt.event.EventDispatcher;
import org.apache.batik.util.ParsedURL;
+
import org.w3c.dom.Element;
import org.w3c.dom.svg.SVGAElement;
import org.w3c.dom.svg.SVGDocument;
-import java.awt.Cursor;
-import java.awt.Point;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Dimension2D;
-
/**
* An interface that provides access to the User Agent informations
* needed by the bridge.
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgentAdapter.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgentAdapter.java
index d163acf3e..7c415ddbe 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgentAdapter.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/bridge/UserAgentAdapter.java
@@ -362,7 +362,7 @@ public class UserAgentAdapter implements UserAgent {
public ExternalResourceSecurity
getExternalResourceSecurity(ParsedURL resourceURL,
ParsedURL docURL) {
- return new RelaxedExternalResourceSecurity(resourceURL, docURL);
+ return new DefaultExternalResourceSecurity(resourceURL, docURL);
}
/**
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.bridge.BridgeExtension b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.bridge.BridgeExtension
new file mode 100644
index 000000000..51f48e1f5
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.bridge.BridgeExtension
@@ -0,0 +1,24 @@
+# -----------------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file registers the example Bridge extension as a service for the
+# Bridge context.
+#
+# $Id$
+# -----------------------------------------------------------------------------
+
+org.apache.batik.extension.svg.BatikBridgeExtension
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.dom.DomExtension b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.dom.DomExtension
new file mode 100644
index 000000000..e26bff5eb
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/META-INF/services/org.apache.batik.dom.DomExtension
@@ -0,0 +1,24 @@
+# -----------------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This file registers the example DOM extension as a service for the
+# SVGOMDocument.
+#
+# $Id$
+# -----------------------------------------------------------------------------
+
+org.apache.batik.extension.svg.BatikDomExtension
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/org/apache/batik/extensions/README.txt b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/org/apache/batik/extensions/README.txt
new file mode 100644
index 000000000..c256cf90e
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/extension/svg/org/apache/batik/extensions/README.txt
@@ -0,0 +1,13 @@
+The Jar files in this directory start the same application as in the
+parent directory, except they include the Batik Extensions on the jar
+file class path. This means that that the Batik Extensions will work
+with the applications started by these jar files.
+
+Great care should be used when using the Batik Extensions as these are
+not part of the SVG standard. If you write content that uses these
+extensions you must be aware that this is not conformant SVG content
+and other SVG renderers will not render these documents. These
+extensions should only be used in content used in closed systems.
+
+The primary purpose of these extensions is demonstrative and to
+generate feedback to the development of the SVG standard.
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
index 307affae6..acf03dd14 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
@@ -20,7 +20,7 @@ package org.apache.batik.script.rhino;
import org.mozilla.javascript.ClassShutter;
-import java.util.Arrays;
+import java.util.ArrayList;
import java.util.List;
/**
@@ -30,7 +30,7 @@ import java.util.List;
* @version $Id$
*/
public class RhinoClassShutter implements ClassShutter {
- private static final List WHITELIST = Arrays.asList("java.io.PrintStream", "java.lang.System", "java.net.URL");
+ public static final List WHITELIST = new ArrayList<>();
/*
public RhinoClassShutter() {
@@ -59,56 +59,11 @@ public class RhinoClassShutter implements ClassShutter {
* Returns whether the given class is visible to scripts.
*/
public boolean visibleToScripts(String fullClassName) {
- if (!WHITELIST.contains(fullClassName) && !fullClassName.endsWith("Permission") && !fullClassName.startsWith("org.")) {
- return false;
- }
-
- // Don't let them mess with script engine's internals.
- if (fullClassName.startsWith("org.mozilla.javascript"))
- return false;
-
- if (fullClassName.startsWith("org.apache.batik.")) {
- // Just get package within batik.
- String batikPkg = fullClassName.substring(17);
-
- // Don't let them mess with Batik script internals.
- if (batikPkg.startsWith("script"))
- return false;
-
- // Don't let them get global structures.
- if (batikPkg.startsWith("apps"))
- return false;
-
- // Don't let them get scripting stuff from bridge, but specifically
- // allow access to:
- //
- // o.a.b.bridge.ScriptingEnvironment$Window$IntervalScriptTimerTask
- // o.a.b.bridge.ScriptingEnvironment$Window$IntervalRunnableTimerTask
- // o.a.b.bridge.ScriptingEnvironment$Window$TimeoutScriptTimerTask
- // o.a.b.bridge.ScriptingEnvironment$Window$TimeoutRunnableTimerTask
- //
- // since objects of these classes are returned by setInterval() and
- // setTimeout().
- if (batikPkg.startsWith("bridge.")) {
- String batikBridgeClass = batikPkg.substring(7);
- if (batikBridgeClass.startsWith("ScriptingEnvironment")) {
- if (batikBridgeClass.startsWith("$Window$", 20)) {
- String c = batikBridgeClass.substring(28);
- if (c.equals("IntervalScriptTimerTask")
- || c.equals("IntervalRunnableTimerTask")
- || c.equals("TimeoutScriptTimerTask")
- || c.equals("TimeoutRunnableTimerTask")) {
- return true;
- }
- }
- return false;
- }
- if (batikBridgeClass.startsWith("BaseScriptingEnvironment")) {
- return false;
- }
+ for (String v : WHITELIST) {
+ if (fullClassName.matches(v)) {
+ return true;
}
}
-
- return true;
+ return false;
}
}
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/svggen/DOMTreeManager.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/svggen/DOMTreeManager.java
index 7454e719b..089461300 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/svggen/DOMTreeManager.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/svggen/DOMTreeManager.java
@@ -18,18 +18,18 @@
*/
package org.apache.batik.svggen;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.ArrayList;
+import java.util.Collections;
+
import org.apache.batik.ext.awt.g2d.GraphicContext;
import org.w3c.dom.Comment;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-
/**
* This class is used by the SVGGraphics2D SVG Generator to manage
* addition of new Nodes to the SVG DOM Tree. This class handles
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java
index 99ed8d976..98cfc100e 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/SVGAbstractTranscoder.java
@@ -18,6 +18,14 @@
*/
package org.apache.batik.transcoder;
+import java.awt.Dimension;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Dimension2D;
+import java.awt.geom.Rectangle2D;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.StringTokenizer;
+
import org.apache.batik.anim.dom.SAXSVGDocumentFactory;
import org.apache.batik.anim.dom.SVGDOMImplementation;
import org.apache.batik.anim.dom.SVGOMDocument;
@@ -27,8 +35,8 @@ import org.apache.batik.bridge.BridgeException;
import org.apache.batik.bridge.DefaultScriptSecurity;
import org.apache.batik.bridge.ExternalResourceSecurity;
import org.apache.batik.bridge.GVTBuilder;
-import org.apache.batik.bridge.NoLoadExternalResourceSecurity;
import org.apache.batik.bridge.NoLoadScriptSecurity;
+import org.apache.batik.bridge.RelaxedExternalResourceSecurity;
import org.apache.batik.bridge.RelaxedScriptSecurity;
import org.apache.batik.bridge.SVGUtilities;
import org.apache.batik.bridge.ScriptSecurity;
@@ -52,14 +60,6 @@ import org.w3c.dom.DOMImplementation;
import org.w3c.dom.Document;
import org.w3c.dom.svg.SVGSVGElement;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.StringTokenizer;
-import java.awt.Dimension;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Dimension2D;
-import java.awt.geom.Rectangle2D;
-
/**
* This class may be the base class of all transcoders which take an
* SVG document as input and which need to build a DOM tree. The
@@ -1116,9 +1116,9 @@ public abstract class SVGAbstractTranscoder extends XMLAbstractTranscoder {
public ExternalResourceSecurity getExternalResourceSecurity(ParsedURL resourceURL, ParsedURL docURL) {
if (isAllowExternalResources()) {
- return super.getExternalResourceSecurity(resourceURL, docURL);
+ return new RelaxedExternalResourceSecurity(resourceURL, docURL);
}
- return new NoLoadExternalResourceSecurity();
+ return super.getExternalResourceSecurity(resourceURL, docURL);
}
public boolean isAllowExternalResources() {
@@ -1126,7 +1126,7 @@ public abstract class SVGAbstractTranscoder extends XMLAbstractTranscoder {
if (b != null) {
return b;
}
- return true;
+ return false;
}
}
}
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/image/ImageTranscoder.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/image/ImageTranscoder.java
index 9786eff5d..970d478d6 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/image/ImageTranscoder.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/image/ImageTranscoder.java
@@ -18,6 +18,16 @@
*/
package org.apache.batik.transcoder.image;
+import java.awt.AlphaComposite;
+import java.awt.Graphics2D;
+import java.awt.Paint;
+import java.awt.Shape;
+import java.awt.geom.AffineTransform;
+import java.awt.geom.Rectangle2D;
+import java.awt.image.BufferedImage;
+import java.awt.image.DataBufferInt;
+import java.awt.image.SinglePixelPackedSampleModel;
+
import org.apache.batik.ext.awt.image.GraphicsUtil;
import org.apache.batik.gvt.renderer.ConcreteImageRendererFactory;
import org.apache.batik.gvt.renderer.ImageRenderer;
@@ -30,16 +40,6 @@ import org.apache.batik.transcoder.keys.BooleanKey;
import org.apache.batik.transcoder.keys.PaintKey;
import org.w3c.dom.Document;
-import java.awt.AlphaComposite;
-import java.awt.Graphics2D;
-import java.awt.Paint;
-import java.awt.Shape;
-import java.awt.geom.AffineTransform;
-import java.awt.geom.Rectangle2D;
-import java.awt.image.BufferedImage;
-import java.awt.image.DataBufferInt;
-import java.awt.image.SinglePixelPackedSampleModel;
-
/**
* This class enables to transcode an input to an image of any format.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/svg2svg/SVGTranscoder.java b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/svg2svg/SVGTranscoder.java
index ec82c9103..b1dd4de09 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/svg2svg/SVGTranscoder.java
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/java/org/apache/batik/transcoder/svg2svg/SVGTranscoder.java
@@ -19,6 +19,12 @@
package org.apache.batik.transcoder.svg2svg;
+import java.io.IOException;
+import java.io.Reader;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.io.Writer;
+
import org.apache.batik.dom.util.DOMUtilities;
import org.apache.batik.transcoder.AbstractTranscoder;
import org.apache.batik.transcoder.ErrorHandler;
@@ -31,12 +37,6 @@ import org.apache.batik.transcoder.keys.IntegerKey;
import org.apache.batik.transcoder.keys.StringKey;
import org.w3c.dom.Document;
-import java.io.IOException;
-import java.io.Reader;
-import java.io.StringReader;
-import java.io.StringWriter;
-import java.io.Writer;
-
/**
* This class is a trancoder from SVG to SVG.
*
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/NOTICE b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/NOTICE
index d794a759a..8282b16eb 100644
--- a/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/NOTICE
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/NOTICE
@@ -1,5 +1,5 @@
Apache Batik
-Copyright 1999-2022 The Apache Software Foundation
+Copyright 1999-2023 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/UserAgentStyleSheet.css b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/UserAgentStyleSheet.css
new file mode 100644
index 000000000..81276979b
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/UserAgentStyleSheet.css
@@ -0,0 +1,6 @@
+/*
+ * The default SVG style sheet.
+ */
+svg, symbol, image, marker, pattern, foreignObject { overflow: hidden }
+
+/* svg { width:attr(width); height:attr(height) } */
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/dtdids.properties b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/dtdids.properties
new file mode 100644
index 000000000..8d6f88202
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/dom/resources/dtdids.properties
@@ -0,0 +1,68 @@
+# -----------------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# The publicIds property represents the list of SVG DTD IDs supported by
+# this SVG DOMImplementation.
+#
+# $Id$
+# -----------------------------------------------------------------------------
+
+publicIds = \
+ -//W3C//DTD SVG 1.0//EN\
+ -//W3C//DTD SVG 20010904//EN\
+ -//W3C//DTD SVG 20001102//EN\
+ -//W3C//DTD SVG 20000802//EN\
+ -//W3C//DTD SVG 20000303 Stylable//EN\
+ -//W3C//DTD SVG 1.1//EN\
+ -//W3C//DTD SVG 1.1 Basic//EN\
+ -//W3C//DTD SVG 1.1 Tiny//EN\
+ -//W3C//DTD SVG 1.2//EN
+
+systemId.-//W3C//DTD_SVG_1.0//EN = resources/svg10.dtd
+systemId.-//W3C//DTD_SVG_20010904//EN = resources/svg10.dtd
+systemId.-//W3C//DTD_SVG_20001102//EN = resources/svg10.dtd
+systemId.-//W3C//DTD_SVG_20000802//EN = resources/svg10.dtd
+systemId.-//W3C//DTD_SVG_20000303_Stylable//EN = resources/svg10.dtd
+
+systemId.-//W3C//DTD_SVG_1.1//EN = resources/svg11-flat.dtd
+systemId.-//W3C//DTD_SVG_1.1_Basic//EN = resources/svg11-basic-flat.dtd
+systemId.-//W3C//DTD_SVG_1.1_Tiny//EN = resources/svg11-tiny-flat.dtd
+systemId.-//W3C//DTD_SVG_1.2//EN = resources/svg12-flat.dtd
+
+#
+# The skippablePublicIds property represents the list of SVG DTD's we
+# can safely skip if we are not validating. Since SVG may move to
+# schema you shouldn't count on any entities from these files anyways.
+#
+skippablePublicIds = \
+ -//W3C//DTD SVG 1.0//EN\
+ -//W3C//DTD SVG 20010904//EN\
+ -//W3C//DTD SVG 20001102//EN\
+ -//W3C//DTD SVG 20000802//EN\
+ -//W3C//DTD SVG 20000303 Stylable//EN\
+ -//W3C//DTD SVG 1.1//EN\
+ -//W3C//DTD SVG 1.1 Basic//EN\
+ -//W3C//DTD SVG 1.1 Tiny//EN\
+ -//W3C//DTD SVG 1.2//EN
+
+#
+# This is an absolutely minimal DTD for SVG 1.0/1.1
+# It just defines the svg and xlink namespaces.
+skipDTD = \
+ \
+
diff --git a/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/resources/Messages.properties b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/resources/Messages.properties
new file mode 100644
index 000000000..6a2e454eb
--- /dev/null
+++ b/fine-xmlgraphics/xmlgraphics-batik/src/main/resources/org/org/apache/batik/anim/resources/Messages.properties
@@ -0,0 +1,28 @@
+# -----------------------------------------------------------------------------
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# $Id$
+# -----------------------------------------------------------------------------
+
+attribute.malformed = \
+The attribute "{1}" of the element <{0}> is invalid
+
+values.to.by.missing = \
+None of "values", "to" or "by" are specified on the element <{0}>
+
+values.to.by.path.missing = \
+None of "values", "to", "by" or "path" are specified on the element <{0}>
From 1235b6f01f5cab9d28d107655809162384477687 Mon Sep 17 00:00:00 2001
From: "Bruce.Deng"
Date: Fri, 22 Sep 2023 10:58:33 +0800
Subject: [PATCH 2/2] =?UTF-8?q?REPORT-103466=20=E5=AF=BC=E5=87=BA=E8=B4=9F?=
=?UTF-8?q?=E8=BD=BD=E9=AB=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../fr/third/com/lowagie/text/pdf/ByteBuffer.java | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/fine-itext-old/src/main/java/com/fr/third/com/lowagie/text/pdf/ByteBuffer.java b/fine-itext-old/src/main/java/com/fr/third/com/lowagie/text/pdf/ByteBuffer.java
index e48934ef0..cc145c26b 100644
--- a/fine-itext-old/src/main/java/com/fr/third/com/lowagie/text/pdf/ByteBuffer.java
+++ b/fine-itext-old/src/main/java/com/fr/third/com/lowagie/text/pdf/ByteBuffer.java
@@ -82,7 +82,8 @@ public class ByteBuffer extends OutputStream {
*/
public static boolean HIGH_PRECISION = false;
private static final DecimalFormatSymbols dfs = new DecimalFormatSymbols(Locale.US);
-
+ private static final int HALF_INTEGER = Integer.MAX_VALUE >> 1;
+
/** Creates new ByteBuffer with capacity 128 */
public ByteBuffer() {
this(128);
@@ -188,8 +189,11 @@ public class ByteBuffer extends OutputStream {
*/
public ByteBuffer append_i(int b) {
int newcount = count + 1;
+ if (newcount < 0) {
+ throw new OutOfMemoryError();
+ }
if (newcount > buf.length) {
- byte newbuf[] = new byte[Math.max(buf.length << 1, newcount)];
+ byte newbuf[] = new byte[Math.max(Math.min(buf.length, HALF_INTEGER) << 1, newcount)];
System.arraycopy(buf, 0, newbuf, 0, count);
buf = newbuf;
}
@@ -211,8 +215,11 @@ public class ByteBuffer extends OutputStream {
((off + len) > b.length) || ((off + len) < 0) || len == 0)
return this;
int newcount = count + len;
+ if (newcount < 0) {
+ throw new OutOfMemoryError();
+ }
if (newcount > buf.length) {
- byte newbuf[] = new byte[Math.max(buf.length << 1, newcount)];
+ byte newbuf[] = new byte[Math.max(Math.min(buf.length, HALF_INTEGER) << 1, newcount)];
System.arraycopy(buf, 0, newbuf, 0, count);
buf = newbuf;
}