You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues-all@impala.apache.org by "Gergely Farkas (Jira)" <ji...@apache.org> on 2023/08/16 09:40:00 UTC

[jira] [Resolved] (IMPALA-12341) hs2 http authentication may fail due to header parsing issues if any prefix of the word "authorization" is present as a header in the http request

     [ https://issues.apache.org/jira/browse/IMPALA-12341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gergely Farkas resolved IMPALA-12341.
-------------------------------------
    Resolution: Fixed

> hs2 http authentication may fail due to header parsing issues if any prefix of the word "authorization" is present as a header in the http request
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: IMPALA-12341
>                 URL: https://issues.apache.org/jira/browse/IMPALA-12341
>             Project: IMPALA
>          Issue Type: Bug
>            Reporter: Gergely Farkas
>            Assignee: Gergely Farkas
>            Priority: Major
>
> Unfortunately, the THttpServer::parseHeader() function has a header parsing bug that could lead to an authentication problem:
> The THRIFT_strncasecmp() function used in the implementation returns true even if the name of the header being processed is a prefix of the header constant that is defined in the condition. For example: When processing the http header "auth: anyValue", we run into the code fragment where the Authorization header content is processed, because the condition THRIFT_strncasecmp("auth: anyValue", "Authorization", 4) == 0) is true, since the first 4 characters of the two strings are the same. This may break authentication if the http request has a header with a name that is a prefix to the word "Authorization" and that header is sent by the client after the "Authorization" header.
> The affected code fragment was originally added to the impala code from the Apache Thrift code. A bug ticket created to fix the issue in Thrift: https://issues.apache.org/jira/browse/THRIFT-5730 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org