Mailing-List: contact hdfs-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
Reply-To: hdfs-issues@hadoop.apache.org
Date: Wed, 2 May 2012 03:13:20 +0000 (UTC)
From: "Hadoop QA (JIRA)" <jira@apache.org>
To: hdfs-issues@hadoop.apache.org
Message-ID: 
 <231577439.15815.1335928400376.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: 
 <1778106562.10100.1332534808103.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (HDFS-3134) harden edit log loader against
 malformed or malicious input
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/HDFS-3134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13266308#comment-13266308 ] 

Hadoop QA commented on HDFS-3134:
---------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12525248/HDFS-3134.007.patch
  against trunk revision .

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 1 new or modified test files.

    -1 javadoc.  The javadoc tool appears to have generated 2 warning messages.

    +1 javac.  The applied patch does not increase the total number of javac compiler warnings.

    +1 eclipse:eclipse.  The patch built with eclipse:eclipse.

    -1 findbugs.  The patch appears to introduce 1 new Findbugs (version 1.3.9) warnings.

    +1 release audit.  The applied patch does not increase the total number of release audit warnings.

    +1 core tests.  The patch passed unit tests in hadoop-hdfs-project/hadoop-hdfs.

    +1 contrib tests.  The patch passed contrib unit tests.

Test results: https://builds.apache.org/job/PreCommit-HDFS-Build/2359//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HDFS-Build/2359//artifact/trunk/trunk/patchprocess/newPatchFindbugsWarningshadoop-hdfs.html
Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/2359//console

This message is automatically generated.
                
> harden edit log loader against malformed or malicious input
> -----------------------------------------------------------
>
>                 Key: HDFS-3134
>                 URL: https://issues.apache.org/jira/browse/HDFS-3134
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: name-node
>    Affects Versions: 0.23.0
>            Reporter: Colin Patrick McCabe
>            Assignee: Colin Patrick McCabe
>         Attachments: HDFS-3134.001.patch, HDFS-3134.002.patch, HDFS-3134.003.patch, HDFS-3134.004.patch, HDFS-3134.005.patch, HDFS-3134.006.patch, HDFS-3134.007.patch
>
>
> Currently, the edit log loader does not handle bad or malicious input sensibly.
> We can often cause OutOfMemory exceptions, null pointer exceptions, or other unchecked exceptions to be thrown by feeding the edit log loader bad input.  In some environments, an out of memory error can cause the JVM process to be terminated.
> It's clear that we want these exceptions to be thrown as IOException instead of as unchecked exceptions.  We also want to avoid out of memory situations.
> The main task here is to put a sensible upper limit on the lengths of arrays and strings we allocate on command.  The other task is to try to avoid creating unchecked exceptions (by dereferencing potentially-NULL pointers, for example).  Instead, we should verify ahead of time and give a more sensible error message that reflects the problem with the input.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira