hadoop-hdfs-issues mailing list archives

From "Andrew Wang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6368) TransferFsImage#receiveFile() should perform validation on fsImageName parameter
Date Thu, 15 May 2014 00:44:41 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13998331#comment-13998331 ]

Andrew Wang commented on HDFS-6368:
-----------------------------------

Ted, note that ImageServlet#validateRequest checks that the upload comes from an authorized
user. If an attacker has compromised the NN or superuser account, many other bad things can
also happen.

I guess we could still validate, but I'm inclined to close as "not a problem".

> TransferFsImage#receiveFile() should perform validation on fsImageName parameter
> --------------------------------------------------------------------------------
>
>                 Key: HDFS-6368
>                 URL: https://issues.apache.org/jira/browse/HDFS-6368
>             Project: Hadoop HDFS
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Priority: Minor
>
> Currently only a null check is performed:
> {code}
>           if (fsImageName == null) {
>             throw new IOException("No filename header provided by server");
>           }
>           newLocalPaths.add(new File(localPath, fsImageName));
> {code}
> The value of fsImageName, obtained from the HttpURLConnection header, may be tainted.
> This may allow an attacker to access, modify, or test the existence of critical or sensitive files.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
