From yarn-issues-return-144477-archive-asf-public=cust-asf.ponee.io@hadoop.apache.org Tue May 8 19:57:04 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id D829818063B for ; Tue, 8 May 2018 19:57:03 +0200 (CEST) Received: (qmail 52486 invoked by uid 500); 8 May 2018 17:57:02 -0000 Mailing-List: contact yarn-issues-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list yarn-issues@hadoop.apache.org Received: (qmail 52475 invoked by uid 99); 8 May 2018 17:57:02 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 08 May 2018 17:57:02 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 5CB88C0111 for ; Tue, 8 May 2018 17:57:02 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -109.511 X-Spam-Level: X-Spam-Status: No, score=-109.511 tagged_above=-999 required=6.31 tests=[ENV_AND_HDR_SPF_MATCH=-0.5, KAM_ASCII_DIVIDERS=0.8, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_SPF_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id J-ULxw-MeNA5 for ; Tue, 8 May 2018 17:57:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id F0ED15FB4C for ; Tue, 8 May 2018 17:57:00 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 81AD1E12F2 for ; Tue, 8 May 2018 17:57:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 3A3D02129D for ; Tue, 8 May 2018 17:57:00 +0000 (UTC) Date: Tue, 8 May 2018 17:57:00 +0000 (UTC) From: "Eric Yang (JIRA)" To: yarn-issues@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (YARN-8207) Docker container launch use popen have risk of shell expansion MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/YARN-8207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16467762#comment-16467762 ] Eric Yang commented on YARN-8207: --------------------------------- [~jlowe] I see what you mean now, and patch 10 updated accordingly for initialize args and make_string check. One concern about the shallow copy, struct args buffer supposedly disappeared after construct_docker_command. This was the reason that I used deep copy to extract the data. Now, I am retaining the pointer reference to strings internal to struct args buffer instead of deep copy. Wouldn't those strings get overwritten at some point or they will be reserved until copy is freed up? > Docker container launch use popen have risk of shell expansion > -------------------------------------------------------------- > > Key: YARN-8207 > URL: https://issues.apache.org/jira/browse/YARN-8207 > Project: Hadoop YARN > Issue Type: Sub-task > Components: yarn-native-services > Affects Versions: 3.0.0, 3.1.0, 3.0.1, 3.0.2 > Reporter: Eric Yang > Assignee: Eric Yang > Priority: Blocker > Labels: Docker > Attachments: YARN-8207.001.patch, YARN-8207.002.patch, YARN-8207.003.patch, YARN-8207.004.patch, YARN-8207.005.patch, YARN-8207.006.patch, YARN-8207.007.patch, YARN-8207.008.patch, YARN-8207.009.patch > > > Container-executor code utilize a string buffer to construct docker run command, and pass the string buffer to popen for execution. Popen spawn a shell to run the command. Some arguments for docker run are still vulnerable to shell expansion. The possible solution is to convert from char * buffer to string array for execv to avoid shell expansion. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org For additional commands, e-mail: yarn-issues-help@hadoop.apache.org