You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by ji...@apache.org on 2020/04/10 22:43:52 UTC
[druid] branch 0.18.0 updated: Indexing Service validates
externally received taskId (#9666) (#9672)
This is an automated email from the ASF dual-hosted git repository.
jihoonson pushed a commit to branch 0.18.0
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/0.18.0 by this push:
new 644c853 Indexing Service validates externally received taskId (#9666) (#9672)
644c853 is described below
commit 644c85312486060e7c58a4eb0fb58c195e9ef62b
Author: Suneet Saldanha <44...@users.noreply.github.com>
AuthorDate: Fri Apr 10 15:43:39 2020 -0700
Indexing Service validates externally received taskId (#9666) (#9672)
Addresses issues flagged by https://lgtm.com/rules/5970070/
---
.../druid/indexing/overlord/http/security/TaskResourceFilter.java | 2 ++
.../org/apache/druid/indexing/worker/http/WorkerResource.java | 8 +++++---
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/http/security/TaskResourceFilter.java b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/http/security/TaskResourceFilter.java
index af1f822..042c2a2 100644
--- a/indexing-service/src/main/java/org/apache/druid/indexing/overlord/http/security/TaskResourceFilter.java
+++ b/indexing-service/src/main/java/org/apache/druid/indexing/overlord/http/security/TaskResourceFilter.java
@@ -25,6 +25,7 @@ import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import com.google.inject.Inject;
import com.sun.jersey.spi.container.ContainerRequest;
+import org.apache.druid.indexer.TaskIdUtils;
import org.apache.druid.indexing.common.task.Task;
import org.apache.druid.indexing.overlord.TaskStorageQueryAdapter;
import org.apache.druid.java.util.common.StringUtils;
@@ -81,6 +82,7 @@ public class TaskResourceFilter extends AbstractResourceFilter
).getPath()
);
taskId = StringUtils.urlDecode(taskId);
+ TaskIdUtils.validateId("taskId", taskId);
Optional<Task> taskOptional = taskStorageQueryAdapter.getTask(taskId);
if (!taskOptional.isPresent()) {
diff --git a/indexing-service/src/main/java/org/apache/druid/indexing/worker/http/WorkerResource.java b/indexing-service/src/main/java/org/apache/druid/indexing/worker/http/WorkerResource.java
index cafabc9..dd108f3 100644
--- a/indexing-service/src/main/java/org/apache/druid/indexing/worker/http/WorkerResource.java
+++ b/indexing-service/src/main/java/org/apache/druid/indexing/worker/http/WorkerResource.java
@@ -27,6 +27,7 @@ import com.google.common.collect.Lists;
import com.google.common.io.ByteSource;
import com.google.inject.Inject;
import com.sun.jersey.spi.container.ResourceFilters;
+import org.apache.druid.indexer.TaskIdUtils;
import org.apache.druid.indexing.overlord.TaskRunner;
import org.apache.druid.indexing.overlord.TaskRunnerWorkItem;
import org.apache.druid.indexing.worker.Worker;
@@ -184,10 +185,11 @@ public class WorkerResource
@Produces(HttpMediaType.TEXT_PLAIN_UTF8)
@ResourceFilters(StateResourceFilter.class)
public Response doGetLog(
- @PathParam("taskid") String taskid,
+ @PathParam("taskid") String taskId,
@QueryParam("offset") @DefaultValue("0") long offset
)
{
+ TaskIdUtils.validateId("taskId", taskId);
if (!(taskRunner instanceof TaskLogStreamer)) {
return Response.status(501)
.entity(StringUtils.format(
@@ -197,7 +199,7 @@ public class WorkerResource
.build();
}
try {
- final Optional<ByteSource> stream = ((TaskLogStreamer) taskRunner).streamTaskLog(taskid, offset);
+ final Optional<ByteSource> stream = ((TaskLogStreamer) taskRunner).streamTaskLog(taskId, offset);
if (stream.isPresent()) {
return Response.ok(stream.get().openStream()).build();
@@ -206,7 +208,7 @@ public class WorkerResource
}
}
catch (IOException e) {
- log.warn(e, "Failed to read log for task: %s", taskid);
+ log.warn(e, "Failed to read log for task: %s", taskId);
return Response.serverError().build();
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org