extension functions disabled in Saxon B XSLT 2.0 processor

Bug #412517 reported by Jerzy Jalocha N
Affects          Status     Importance  Assigned to  Milestone
saxonb (Ubuntu)  Confirmed  Undecided   Unassigned

Bug Description

---- modified description to describe how to re-enable extension functions ----
The extension functions are disabled by default in the Saxon B XSLT 2.0 processor that is packaged for Ubuntu/Debian. The resulting error messages can be confusing, especially to those following directions that apply for the original upstream packaging, which enables extension functions by default. The error message and/or documentation should clarify the issues and options more clearly - e.g. that if the XSLT stylesheet is trusted as an executable application, extensions can be re-enabled via the "-ext:on" option.

---- continuing from the original bug description ----

If there are strong reasons for disabling these functions, this should be clearly expressed in the manual pages. (Note that the manual is otherwise very complete and descriptive.)

As an example, currently it is not possible to use the often-required xsl:result-document function:

$ saxonb-xslt -t -xsl:test.xsl -s:test.xml
Saxon 9.0.0.4J from Saxonica
Java version 1.6.0_14
Error at xsl:result-document on line 5 of file:/home/jerzy/xml/tests/test.xsl:
  xsl:result-document is disabled when extension functions are disabled
Failed to compile stylesheet. 1 error detected.

The same error happens when the program is invoked directly, circumventing the shipped script:

$ java -classpath /usr/share/java/saxonb.jar net.sf.saxon.Transform -xsl:test.xsl -s:test.xml
Error at xsl:result-document on line 5 of file:/home/jerzy/xml/tests/test.xsl:
  xsl:result-document is disabled when extension functions are disabled
Failed to compile stylesheet. 1 error detected.

The 'test.xsl' stylesheet file:
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="2.0"
      xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
   <xsl:template match="value">
      <xsl:result-document href="{.}">
         <test>
            <xsl:value-of select="."/>
         </test>
      </xsl:result-document>
   </xsl:template>
</xsl:stylesheet>

The 'test.xml' source XML file:
<?xml version='1.0' encoding='UTF-8'?>
<data>
   <value>A1</value>
   <value>B1</value>
   <value>C1</value>
   <value>A2</value>
   <value>B2</value>
   <value>C2</value>
</data>

Jerzy Jalocha N (jjalocha) wrote :

I was just told that the -ext option enables the extension functions.

In fact, the stylesheet is processed correctly now:

$ saxonb-xslt -ext:on -xsl:test.xsl -s:test.xml

In retrospect, I would ask if this situation could be expressed more clearly in the manual page. Actually, it reads like:

    -ext: {[on] | [off]}
           Enable or disable the ability to invoke external Java functions
           from query files and stylesheets. Beware that enabling them is a
           potential security risk when processing untrusted files. Default:
           off.

But since I was trying to use a standard XSLT function (xsl:result-document), and not an arbitrary Java function, I didn't guess that this -ext option was the key to this problem.

Maybe a description near the top, like the following could help: "Some instructions like xsl:result-document require the -ext option to be enabled."

If that is not possible, at least the terminology should be unified: The error message complains about disabled "extension functions", while the manual page describes "external Java functions".

Thank you!

Neal McBurnett (nealmcb)
Changed in saxonb (Ubuntu):
status: New → Confirmed
Neal McBurnett (nealmcb) wrote :

I agree that this is confusing, and perhaps the error message itself could at least clarify that it is a security issue, and that if the input is trusted then it is simple to turn the option back on.

There is a bit more information in the /usr/share/doc/libsaxonb-java/README.Debian file, clarifying that the default is different in the Debian (and thus Ubuntu) packaging of saxonb than in the original upstream distribution. It says:

Calls on external Java functions disabled by default
----------------------------------------------------

By default, SaxonB enables calls on external Java functions to be
embedded in stylesheets or queries. Such calls can invoke arbitrary
Java methods and are thus a security risk when executing untrusted
XSLT stylesheets or XQuery queries. For this reason, SaxonB in Debian
comes with calls on external Java functions disabled by default.

If you are using the command line interface to the XSLT 2.0 or XQuery
processors of Saxon, you can enable this feature by passing the
"-ext:on" flag to your command line invocation.

If you are using SaxonB from its Java API you should set the Attribute
"FeatureKeys.ALLOW_EXTERNAL_FUNCTIONS" to "true". See the API
reference in the libsaxonb-java-doc package for more information.
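
As an added example (not code from the bug report or from the Saxon project), here is a minimal JAXP driver for Saxon-B that sets FeatureKeys.ALLOW_EXTERNAL_FUNCTIONS explicitly in both directions, so the outcome does not depend on whether the upstream default (on) or the Debian/Ubuntu default (off) happens to be in effect; extension functions, and with them xsl:result-document, are only enabled when the caller marks the stylesheet as trusted. The class name and the --trusted flag are this example's own assumptions.

```java
import java.io.File;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
import net.sf.saxon.FeatureKeys;
import net.sf.saxon.TransformerFactoryImpl;

/** Added example (not part of the bug report): run a Saxon-B transform with
 *  external Java function calls off unless the stylesheet is explicitly trusted. */
public class TrustedTransform {

    /**
     * Build a Saxon-B JAXP factory. The attribute is set in both branches on
     * purpose: upstream Saxon defaults it to true and the Debian/Ubuntu package
     * to false, so relying on the default silently changes the security posture
     * when the jar is swapped. Only a trusted stylesheet gets external Java
     * calls (and therefore xsl:result-document) enabled.
     */
    static TransformerFactory newFactory(boolean stylesheetIsTrusted) {
        TransformerFactory factory = new TransformerFactoryImpl();
        factory.setAttribute(FeatureKeys.ALLOW_EXTERNAL_FUNCTIONS,
                             Boolean.valueOf(stylesheetIsTrusted));
        return factory;
    }

    /** Usage: java TrustedTransform test.xsl test.xml [--trusted]  (flag is hypothetical) */
    public static void main(String[] args) throws TransformerException {
        boolean trusted = args.length > 2 && "--trusted".equals(args[2]);
        TransformerFactory factory = newFactory(trusted);
        try {
            // Compilation is where Saxon rejects xsl:result-document when
            // external functions are disabled ("Failed to compile stylesheet").
            Transformer t = factory.newTransformer(new StreamSource(new File(args[0])));
            t.transform(new StreamSource(new File(args[1])),
                        new StreamResult(System.out));
        } catch (TransformerConfigurationException e) {
            System.err.println("Stylesheet rejected: " + e.getMessage());
            System.err.println("If " + args[0] + " is a trusted stylesheet, rerun with "
                               + "--trusted (the API equivalent of saxonb-xslt -ext:on).");
            System.exit(1);
        }
    }
}
```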

Neal McBurnett (nealmcb)
description: updated