zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From eribeiro <...@git.apache.org>
Subject [GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...
Date Fri, 17 Feb 2017 01:18:18 GMT
Github user eribeiro commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/179#discussion_r101667879
  
    --- Diff: src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
    @@ -153,13 +155,33 @@
          */
         public final static int telnetCloseCmd = 0xfff4fffd;
     
    -    final static HashMap<Integer, String> cmd2String =
    -        new HashMap<Integer, String>();
    +    private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = "zookeeper.4lw.commands.whitelist";
    +
    +    final static Map<Integer, String> cmd2String = new HashMap<Integer, String>();
    +
    +    final static Set<String> whiteListedCommands = new HashSet<String>();
     
         public static Map<Integer, String> getCmdMapView() {
             return Collections.unmodifiableMap(cmd2String);
         }
     
    +    // ZOOKEEPER-2693: Only allow white listed commands.
    +    public static Set<String> getWhiteListedCmdView() {
    --- End diff --
    
    Yeah, you right. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message