You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Ayush Saxena (Jira)" <ji...@apache.org> on 2020/04/09 18:04:00 UTC

[jira] [Assigned] (HADOOP-16962) Making `getBoolean` log warning message for unrecognized value

     [ https://issues.apache.org/jira/browse/HADOOP-16962?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ayush Saxena reassigned HADOOP-16962:
-------------------------------------

    Assignee: Ctest

> Making `getBoolean` log warning message for unrecognized value
> --------------------------------------------------------------
>
>                 Key: HADOOP-16962
>                 URL: https://issues.apache.org/jira/browse/HADOOP-16962
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: conf
>            Reporter: Ctest
>            Assignee: Ctest
>            Priority: Major
>         Attachments: HADOOP-16962.001.patch
>
>
> *Problem:*
> In `Configuration.java`, the `getBoolean` can accept any valueString and return the default value for any string except “true” or “false” (ignoring case):
> {code:java}
> if (StringUtils.equalsIgnoreCase("true", valueString))
>   return true;
> else if (StringUtils.equalsIgnoreCase("false", valueString))
>   return false;
> else return defaultValue;{code}
> If the user misspells some boolean configuration value, for example, “true” to “ture”, then getBoolean will directly return the default value without logging any warning message. If the default value is “false”, then Hadoop is actually using a totally different value (“false”) compared to the user’s expectation (“true”) and the user even doesn’t know it.
> This can lead to serious issues, especially regarding security features.
> Other projects such as Alluxio are doing more rigorous and explicit check.
> [https://github.com/xlab-uiuc/ctest-alluxio/blob/master/core/common/src/main/java/alluxio/conf/InstancedConfiguration.java#L366]
> in which the getBoolean method will fail immediately if the value is invalid.
>  
> *Solution:*
> We can log one warning message before getBoolean return the default value for unrecognized value:
> {code:java}
> if (StringUtils.equalsIgnoreCase("true", valueString))
>   return true;
> else if (StringUtils.equalsIgnoreCase("false", valueString))
>   return false;
> else {
>   LOG.warn("Invalid value for boolean: " + valueString +
>            ", choose default value: " + defaultValue + " for " + name);
>   return defaultValue;
> }{code}
> I attach a patch to log the warning message.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org