From 5cadf81ad7c5d89e39e966b10d271706505018cf Mon Sep 17 00:00:00 2001 From: "Stein.Codes" Date: Wed, 18 Oct 2023 05:38:30 +0000 Subject: [PATCH] refactor: Java Security Ultimate Security Repo Scanner 2023 Disclaimer: Automated Commit Alert Please be aware that this commit, generated through automated processes, may contain false alerts or not be precisely targeted. This automated commit is part of a large-scale effort to enhance software security over time. It is sent to various repositories to improve code quality and security. Exercise caution when reviewing the changes, and ensure that any necessary adjustments are made to maintain the integrity and functionality of the software. Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/TkgUEiqd7?organizationId=RWNsaXBzZSBGb3VuZGF0aW9u Co-authored-by: Moderne --- .../nebula/widgets/grid/GridUtils.java | 11 +++++++ .../example/e4/parts/FirstPart.java | 3 +- .../example/e4/parts/ThirdPart.java | 3 +- .../example/OscilloscopeExampleTab.java | 3 +- .../snippets/MultiScope_Basic.java | 23 ++++++++------- .../snippets/MultiScope_ScopeWithData.java | 25 ++++++++-------- ...ultiScope_ScopeWithDataAndProgression.java | 29 ++++++++++--------- ...copeWithDataAndProgression2Channels_1.java | 3 +- ...copeWithDataAndProgression2Channels_2.java | 3 +- ...copeWithDataAndProgression2Channels_3.java | 3 +- .../snippets/SnippetDispatcher.java | 19 ++++++------ .../richtext/example/PersonService.java | 3 +- .../timeline/example/TimelineExampleTab.java | 3 +- .../snippets/TimelineUsingEMFModel.java | 3 +- .../examples/TreeMapperExampleTab.java | 8 +++++ .../xviewer/core/util/XViewerUtil.java | 3 +- 16 files changed, 89 insertions(+), 56 deletions(-) diff --git a/widgets/grid/org.eclipse.nebula.widgets.grid/src/org/eclipse/nebula/widgets/grid/GridUtils.java b/widgets/grid/org.eclipse.nebula.widgets.grid/src/org/eclipse/nebula/widgets/grid/GridUtils.java index 402c5128c..4bf503b94 100644 --- a/widgets/grid/org.eclipse.nebula.widgets.grid/src/org/eclipse/nebula/widgets/grid/GridUtils.java +++ b/widgets/grid/org.eclipse.nebula.widgets.grid/src/org/eclipse/nebula/widgets/grid/GridUtils.java @@ -15,6 +15,7 @@ import java.io.OutputStream; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -68,6 +69,13 @@ public static void gridToXml(Grid grid, OutputStream outputStream) throws Parser { DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance(); + String FEATURE = "http://apache.org/xml/features/disallow-doctype-decl"; + try { + docFactory.setFeature(FEATURE, true); + } catch (ParserConfigurationException e) { + throw new IllegalStateException("ParserConfigurationException was thrown. The feature '" + + FEATURE + "' is not supported by your XML processor.", e); + } DocumentBuilder docBuilder = docFactory.newDocumentBuilder(); final Document doc = docBuilder.newDocument(); @@ -102,6 +110,9 @@ public static void gridToXml(Grid grid, OutputStream outputStream) throws Parser // write the content into xml file TransformerFactory transformerFactory = TransformerFactory.newInstance(); + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); + transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); Transformer transformer = transformerFactory.newTransformer(); transformer.setOutputProperty(OutputKeys.INDENT, INDENT_ACCEPTED_VALUE); transformer.setOutputProperty(INDET_PROPERTY, INDENT_VALUE); diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/FirstPart.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/FirstPart.java index 047a97d1e..4f1ff0ed5 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/FirstPart.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/FirstPart.java @@ -15,6 +15,7 @@ ******************************************************************************/ package org.eclipse.nebula.widgets.oscilloscope.example.e4.parts; +import java.security.SecureRandom; import java.util.Random; import javax.annotation.PostConstruct; @@ -48,7 +49,7 @@ public void createComposite(final Composite parent) { @Override public void stackEmpty(final Oscilloscope scope, final int channel) { - final Random random = new Random(); + final Random random = new SecureRandom(); if (oldp != scope.getProgression(0)) { oldp = scope.getProgression(0); ints = new int[oldp]; diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/ThirdPart.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/ThirdPart.java index 957a09867..7cc788467 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/ThirdPart.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example.e4/src/org/eclipse/nebula/widgets/oscilloscope/example/e4/parts/ThirdPart.java @@ -15,6 +15,7 @@ ******************************************************************************/ package org.eclipse.nebula.widgets.oscilloscope.example.e4.parts; +import java.security.SecureRandom; import java.util.Random; import javax.annotation.PostConstruct; @@ -61,7 +62,7 @@ private static OscilloscopeStackAdapter getStackAdapter() { @Override public void stackEmpty(final Oscilloscope scope, final int channel) { - final Random random = new Random(); + final Random random = new SecureRandom(); if (channel == 0) { diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example/src/org/eclipse/nebula/widgets/oscilloscope/example/OscilloscopeExampleTab.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example/src/org/eclipse/nebula/widgets/oscilloscope/example/OscilloscopeExampleTab.java index 094ce0b3d..79b6ccba5 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example/src/org/eclipse/nebula/widgets/oscilloscope/example/OscilloscopeExampleTab.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.example/src/org/eclipse/nebula/widgets/oscilloscope/example/OscilloscopeExampleTab.java @@ -18,6 +18,7 @@ import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.core.runtime.FileLocator; @@ -127,7 +128,7 @@ public void setRandomPulse(int v) { if (sound.getSelection()) { clipper.playClip(getActiveSoundfile(), 0); } - getOscilloscope().setValue(0, 100 - new Random().nextInt(200)); + getOscilloscope().setValue(0, 100 - new SecureRandom().nextInt(200)); } public void setSineValue(int v) { diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_Basic.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_Basic.java index 01f084329..8656150d6 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_Basic.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_Basic.java @@ -12,16 +12,17 @@ * Contributors: * Wim S. Jongman - initial API and implementation ******************************************************************************/ -package org.eclipse.nebula.widgets.oscilloscope.snippets; - -import java.io.File; -import java.util.Random; - -import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; -import org.eclipse.swt.layout.GridLayout; -import org.eclipse.swt.widgets.Display; -import org.eclipse.swt.widgets.Shell; - +package org.eclipse.nebula.widgets.oscilloscope.snippets; + +import java.io.File; +import java.security.SecureRandom; +import java.util.Random; + +import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; +import org.eclipse.swt.layout.GridLayout; +import org.eclipse.swt.widgets.Display; +import org.eclipse.swt.widgets.Shell; + /** * @author Wim.Jongman (@remainsoftware.com) * @@ -82,7 +83,7 @@ protected void createContents() { for (int i = 0; i < fCounter; i++) { - int dice = new Random().nextInt(4) + 1; + int dice = new SecureRandom().nextInt(4) + 1; if (dice == 1) { new SnippetDispatcher() { diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithData.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithData.java index 28ea78aa4..1ebf052ea 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithData.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithData.java @@ -12,17 +12,18 @@ * Contributors: * Wim S. Jongman - initial API and implementation ******************************************************************************/ -package org.eclipse.nebula.widgets.oscilloscope.snippets; - -import java.util.Random; - -import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; -import org.eclipse.nebula.widgets.oscilloscope.multichannel.OscilloscopeStackAdapter; -import org.eclipse.swt.SWT; -import org.eclipse.swt.layout.FillLayout; -import org.eclipse.swt.widgets.Display; -import org.eclipse.swt.widgets.Shell; - +package org.eclipse.nebula.widgets.oscilloscope.snippets; + +import java.security.SecureRandom; +import java.util.Random; + +import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; +import org.eclipse.nebula.widgets.oscilloscope.multichannel.OscilloscopeStackAdapter; +import org.eclipse.swt.SWT; +import org.eclipse.swt.layout.FillLayout; +import org.eclipse.swt.widgets.Display; +import org.eclipse.swt.widgets.Shell; + /** * This snippet demonstrates how to run the dispatcher in simple mode. * @@ -62,7 +63,7 @@ protected static void createContents() { scope.addStackListener(0, new OscilloscopeStackAdapter() { @Override public void stackEmpty(Oscilloscope scope, int channel) { - scope.setValue(channel, 25 - new Random().nextInt(50)); + scope.setValue(channel, 25 - new SecureRandom().nextInt(50)); } }); scope.getDispatcher(0).dispatch(); diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression.java index 2936fd681..d0d847a7a 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression.java @@ -12,19 +12,20 @@ * Contributors: * Wim S. Jongman - initial API and implementation ******************************************************************************/ -package org.eclipse.nebula.widgets.oscilloscope.snippets; - -import java.util.Random; - -import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; -import org.eclipse.nebula.widgets.oscilloscope.multichannel.OscilloscopeStackAdapter; -import org.eclipse.swt.SWT; -import org.eclipse.swt.events.ControlAdapter; -import org.eclipse.swt.events.ControlEvent; -import org.eclipse.swt.layout.FillLayout; -import org.eclipse.swt.widgets.Display; -import org.eclipse.swt.widgets.Shell; - +package org.eclipse.nebula.widgets.oscilloscope.snippets; + +import java.security.SecureRandom; +import java.util.Random; + +import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; +import org.eclipse.nebula.widgets.oscilloscope.multichannel.OscilloscopeStackAdapter; +import org.eclipse.swt.SWT; +import org.eclipse.swt.events.ControlAdapter; +import org.eclipse.swt.events.ControlEvent; +import org.eclipse.swt.layout.FillLayout; +import org.eclipse.swt.widgets.Display; +import org.eclipse.swt.widgets.Shell; + /** * This snippet demonstrates how to run the dispatcher in simple mode. * @@ -73,7 +74,7 @@ public void controlResized(ControlEvent e) { @Override public void stackEmpty(Oscilloscope scope, int channel) { - Random random = new Random(); + Random random = new SecureRandom(); if (oldp != scope.getProgression(0)) { oldp = scope.getProgression(0); ints = new int[oldp]; diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_1.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_1.java index da081a46e..8e56222bc 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_1.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_1.java @@ -14,6 +14,7 @@ ******************************************************************************/ package org.eclipse.nebula.widgets.oscilloscope.snippets; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; @@ -80,7 +81,7 @@ private static OscilloscopeStackAdapter getStackAdapter() { @Override public void stackEmpty(Oscilloscope scope, int channel) { - Random random = new Random(); + Random random = new SecureRandom(); if (channel == 0) { diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_2.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_2.java index 51a817801..5f115449a 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_2.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_2.java @@ -14,6 +14,7 @@ ******************************************************************************/ package org.eclipse.nebula.widgets.oscilloscope.snippets; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; @@ -93,7 +94,7 @@ public void stackEmpty(Oscilloscope scope, int channel) { for (int i = 0; i < scope.getChannels(); i++) { counter[i] = (double) (i + 10) / 100; System.out.println(counter[i]); - value[i] = new Random().nextInt((int) (200 * Math.PI)) / 100; + value[i] = new SecureRandom().nextInt((int) (200 * Math.PI)) / 100; } } diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_3.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_3.java index d65349f24..edadd3f96 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_3.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/MultiScope_ScopeWithDataAndProgression2Channels_3.java @@ -14,6 +14,7 @@ ******************************************************************************/ package org.eclipse.nebula.widgets.oscilloscope.snippets; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; @@ -121,7 +122,7 @@ private static OscilloscopeStackAdapter getStackAdapter() { @Override public void stackEmpty(Oscilloscope scope, int channel) { - Random random = new Random(); + Random random = new SecureRandom(); if (channel == 0) { diff --git a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/SnippetDispatcher.java b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/SnippetDispatcher.java index 44c314d24..99d1b50a6 100644 --- a/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/SnippetDispatcher.java +++ b/widgets/oscilloscope/org.eclipse.nebula.widgets.oscilloscope.snippets/src/org/eclipse/nebula/widgets/oscilloscope/snippets/SnippetDispatcher.java @@ -16,6 +16,7 @@ import java.io.ByteArrayInputStream; import java.io.File; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.nebula.widgets.oscilloscope.multichannel.Oscilloscope; @@ -90,8 +91,8 @@ public void dispatch(Shell shell) { gilloscope.setBackgroundImage(new Image(shell.getDisplay(), new ByteArrayInputStream(bytes))); - if (new Random().nextInt(2) == 1) - gilloscope.setTailSize(0,new Random().nextInt(200) + 1); + if (new SecureRandom().nextInt(2) == 1) + gilloscope.setTailSize(0,new SecureRandom().nextInt(200) + 1); else gilloscope.setTailSize(0,-1); @@ -173,7 +174,7 @@ private Control getSettings(Composite parent) { pulse.setMaximum(500); pulse.setMinimum(1); pulse.setIncrement(1); - pulse.setSelection(new Random().nextInt(70) + 30); + pulse.setSelection(new SecureRandom().nextInt(70) + 30); pulse.setToolTipText("Pulse"); Label lblTicks = new Label(group2a, SWT.NONE); @@ -189,7 +190,7 @@ private Control getSettings(Composite parent) { delay.setMaximum(500); delay.setMinimum(1); delay.setIncrement(1); - delay.setSelection(new Random().nextInt(40) + 5); + delay.setSelection(new SecureRandom().nextInt(40) + 5); delay.setToolTipText("redraw delay in ms"); Label lblMs = new Label(group2a, SWT.NONE); @@ -216,7 +217,7 @@ private Control getSettings(Composite parent) { lblTail.setText("Max tailsize"); tailSizeMax = new Button(group2a, SWT.CHECK); - tailSizeMax.setSelection(new Random().nextBoolean()); + tailSizeMax.setSelection(new SecureRandom().nextBoolean()); Label lblTailsize = new Label(group2a, SWT.NONE); lblTailsize.setLayoutData(new GridData(SWT.RIGHT, SWT.CENTER, false, @@ -226,7 +227,7 @@ private Control getSettings(Composite parent) { tailsize.setMaximum(1000); tailsize.setMinimum(1); tailsize.setIncrement(10); - tailsize.setSelection(new Random().nextInt(70) + 100); + tailsize.setSelection(new SecureRandom().nextInt(70) + 100); tailsize.setToolTipText("tail size"); Label lblSound = new Label(group2a, SWT.NONE); @@ -244,7 +245,7 @@ private Control getSettings(Composite parent) { lblSteady.setText("Steady"); steady = new Button(group2a, SWT.CHECK); - steady.setSelection(new Random().nextBoolean()); + steady.setSelection(new SecureRandom().nextBoolean()); Label lblPosition = new Label(group2a, SWT.NONE); lblPosition.setLayoutData(new GridData(SWT.RIGHT, SWT.CENTER, false, @@ -264,7 +265,7 @@ private Control getSettings(Composite parent) { lblScale.setText("Scale"); scale = new Button(group2a, SWT.CHECK); - scale.setSelection(new Random().nextBoolean()); + scale.setSelection(new SecureRandom().nextBoolean()); new Label(group2a, SWT.NONE); new Label(group2a, SWT.NONE); @@ -287,7 +288,7 @@ private Control getSettings(Composite parent) { connectButton = new Button(group2a, SWT.CHECK); connectButton.setToolTipText("connect head and tail"); - connectButton.setSelection(new Random().nextBoolean()); + connectButton.setSelection(new SecureRandom().nextBoolean()); new Label(group2a, SWT.NONE); new Label(group2a, SWT.NONE); diff --git a/widgets/richtext/org.eclipse.nebula.widgets.richtext.example/src/org/eclipse/nebula/widgets/richtext/example/PersonService.java b/widgets/richtext/org.eclipse.nebula.widgets.richtext.example/src/org/eclipse/nebula/widgets/richtext/example/PersonService.java index 4eb62f28b..dc1c8bb49 100644 --- a/widgets/richtext/org.eclipse.nebula.widgets.richtext.example/src/org/eclipse/nebula/widgets/richtext/example/PersonService.java +++ b/widgets/richtext/org.eclipse.nebula.widgets.richtext.example/src/org/eclipse/nebula/widgets/richtext/example/PersonService.java @@ -1,5 +1,6 @@ package org.eclipse.nebula.widgets.richtext.example; +import java.security.SecureRandom; import java.util.ArrayList; import java.util.List; import java.util.Random; @@ -27,7 +28,7 @@ public static Person createPerson() { String[] femaleNames = { "Marge", "Lisa", "Maggie", "Edna", "Helen", "Jessica" }; String[] lastNames = { "Simpson", "Leonard", "Carlson", "Smithers", "Flanders", "Krabappel", "Lovejoy" }; - Random randomGenerator = new Random(); + Random randomGenerator = new SecureRandom(); Person result = new Person(); result.setGender(Gender.values()[randomGenerator.nextInt(2)]); diff --git a/widgets/timeline/org.eclipse.nebula.widgets.timeline.example/src/org/eclipse/nebula/widgets/timeline/example/TimelineExampleTab.java b/widgets/timeline/org.eclipse.nebula.widgets.timeline.example/src/org/eclipse/nebula/widgets/timeline/example/TimelineExampleTab.java index 8dda692ad..8a3b63433 100644 --- a/widgets/timeline/org.eclipse.nebula.widgets.timeline.example/src/org/eclipse/nebula/widgets/timeline/example/TimelineExampleTab.java +++ b/widgets/timeline/org.eclipse.nebula.widgets.timeline.example/src/org/eclipse/nebula/widgets/timeline/example/TimelineExampleTab.java @@ -1,5 +1,6 @@ package org.eclipse.nebula.widgets.timeline.example; +import java.security.SecureRandom; import java.util.Arrays; import java.util.List; import java.util.Random; @@ -57,7 +58,7 @@ private void createRandomContent(ITimeline model) { final List lanes = Arrays.asList(requests, responses, one, two, three, four); - final Random random = new Random(12); + final Random random = new SecureRandom(); int lastPosition = 0; for (int item = 0; item < 40; item++) { final int laneIndex = random.nextInt(lanes.size()); diff --git a/widgets/timeline/org.eclipse.nebula.widgets.timeline.snippets/src/org/eclipse/nebula/widgets/timeline/snippets/TimelineUsingEMFModel.java b/widgets/timeline/org.eclipse.nebula.widgets.timeline.snippets/src/org/eclipse/nebula/widgets/timeline/snippets/TimelineUsingEMFModel.java index 46b8df65c..d84bec15a 100644 --- a/widgets/timeline/org.eclipse.nebula.widgets.timeline.snippets/src/org/eclipse/nebula/widgets/timeline/snippets/TimelineUsingEMFModel.java +++ b/widgets/timeline/org.eclipse.nebula.widgets.timeline.snippets/src/org/eclipse/nebula/widgets/timeline/snippets/TimelineUsingEMFModel.java @@ -1,5 +1,6 @@ package org.eclipse.nebula.widgets.timeline.snippets; +import java.security.SecureRandom; import java.util.Arrays; import java.util.List; import java.util.Random; @@ -76,7 +77,7 @@ private void populateModel(Shell parent) { final List lanes = Arrays.asList(apdus, apduResponses, commands, responses, another, another2); - final Random random = new Random(12); + final Random random = new SecureRandom(); int lastPosition = 0; for (int item = 0; item < 40; item++) { final int laneIndex = random.nextInt(lanes.size()); diff --git a/widgets/treemapper/org.eclipse.nebula.widgets.treemapper.examples/src/org/eclipse/nebula/widgets/treemapper/examples/TreeMapperExampleTab.java b/widgets/treemapper/org.eclipse.nebula.widgets.treemapper.examples/src/org/eclipse/nebula/widgets/treemapper/examples/TreeMapperExampleTab.java index 1be069f44..0418d5dfa 100644 --- a/widgets/treemapper/org.eclipse.nebula.widgets.treemapper.examples/src/org/eclipse/nebula/widgets/treemapper/examples/TreeMapperExampleTab.java +++ b/widgets/treemapper/org.eclipse.nebula.widgets.treemapper.examples/src/org/eclipse/nebula/widgets/treemapper/examples/TreeMapperExampleTab.java @@ -19,6 +19,7 @@ import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; import org.eclipse.nebula.examples.AbstractExampleTab; import org.eclipse.nebula.widgets.treemapper.TreeMapper; @@ -42,6 +43,13 @@ public TreeMapperExampleTab() { InputStream stream = null; try { DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + String FEATURE = "http://apache.org/xml/features/disallow-doctype-decl"; + try { + dbf.setFeature(FEATURE, true); + } catch (ParserConfigurationException e) { + throw new IllegalStateException("ParserConfigurationException was thrown. The feature '" + + FEATURE + "' is not supported by your XML processor.", e); + } DocumentBuilder db = dbf.newDocumentBuilder(); stream = this.getClass().getResourceAsStream("globalweather.wsdl"); xml = db.parse(stream); diff --git a/widgets/xviewer/org.eclipse.nebula.widgets.xviewer.core/src/org/eclipse/nebula/widgets/xviewer/core/util/XViewerUtil.java b/widgets/xviewer/org.eclipse.nebula.widgets.xviewer.core/src/org/eclipse/nebula/widgets/xviewer/core/util/XViewerUtil.java index f2c69c3c4..5f06d99d6 100644 --- a/widgets/xviewer/org.eclipse.nebula.widgets.xviewer.core/src/org/eclipse/nebula/widgets/xviewer/core/util/XViewerUtil.java +++ b/widgets/xviewer/org.eclipse.nebula.widgets.xviewer.core/src/org/eclipse/nebula/widgets/xviewer/core/util/XViewerUtil.java @@ -13,6 +13,7 @@ *******************************************************************************/ package org.eclipse.nebula.widgets.xviewer.core.util; +import java.security.SecureRandom; import java.util.Random; /** @@ -20,7 +21,7 @@ */ public class XViewerUtil { - static Random random = new Random(); + static Random random = new SecureRandom(); public static String intern(String str) { return (str == null) ? null : str.intern();