You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Lars Francke <as...@lars-francke.de> on 2020/01/21 12:14:43 UTC

Review Request 72032: RANGER-2708 Ranger public group check uses wrong comparison for equality

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72032/
-----------------------------------------------------------

Review request for ranger.


Bugs: RANGER-2708
    https://issues.apache.org/jira/browse/RANGER-2708


Repository: ranger


Description
-------

In RangerBizUtil#checkUsrPermForPolicy we can find this piece of code:

    matchFound = (publicGroupId != null && publicGroupId == permMap.getGroupId()) || isGroupInList(permMap.getGroupId(), userGroups);

publicGroupId and permMap.getGroupId() are both Long so testing equality using "==" is wrong and only works "by accident" or not at all depending on the JVM.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 21308b1e7 


Diff: https://reviews.apache.org/r/72032/diff/1/


Testing
-------


Thanks,

Lars Francke

Re: Review Request 72032: RANGER-2708 Ranger public group check uses wrong comparison for equality

Posted by Pradeep Agrawal <pr...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72032/#review219368
-----------------------------------------------------------


Ship it!




Ship It!

- Pradeep Agrawal


On Jan. 21, 2020, 12:14 p.m., Lars Francke wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72032/
> -----------------------------------------------------------
> 
> (Updated Jan. 21, 2020, 12:14 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2708
>     https://issues.apache.org/jira/browse/RANGER-2708
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> In RangerBizUtil#checkUsrPermForPolicy we can find this piece of code:
> 
>     matchFound = (publicGroupId != null && publicGroupId == permMap.getGroupId()) || isGroupInList(permMap.getGroupId(), userGroups);
> 
> publicGroupId and permMap.getGroupId() are both Long so testing equality using "==" is wrong and only works "by accident" or not at all depending on the JVM.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 21308b1e7 
> 
> 
> Diff: https://reviews.apache.org/r/72032/diff/1/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Lars Francke
> 
>