You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "Keith Turner (JIRA)" <ji...@apache.org> on 2014/04/04 21:14:15 UTC

[jira] [Updated] (ACCUMULO-1987) Incorrect handling of auth byte sequences in TabletServer

     [ https://issues.apache.org/jira/browse/ACCUMULO-1987?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keith Turner updated ACCUMULO-1987:
-----------------------------------

    Affects Version/s:     (was: 1.6.0)

> Incorrect handling of auth byte sequences in TabletServer
> ---------------------------------------------------------
>
>                 Key: ACCUMULO-1987
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1987
>             Project: Accumulo
>          Issue Type: Bug
>            Reporter: Michael Allen
>            Assignee: Michael Allen
>             Fix For: 1.6.0
>
>         Attachments: Fixes-byte-buffer-copy-bug.patch
>
>
> In TabletServer.java: 667
> return security.userHasAuthorizations(credentials, Collections.<ByteBuffer> singletonList(ByteBuffer.wrap(****auth.getBackingArray()****)));
> (Emphasis mine obviously)
> That getBackingArray() will return the whole array even when the auth object has limits set upon it.  That has the effect of passing labels to userHasAuthorization() that are incorrect.  For instance, if your label expression has & and | in it, it will pass the entire string as the label string, as opposed to just one part of it in certain parts of the parsing.
> The fix is to also use the auth.offset() and auth.length() parameters when building the ByteBuffer.  Patch coming.



--
This message was sent by Atlassian JIRA
(v6.2#6252)