You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/05/30 23:36:04 UTC
[jira] [Commented] (ZOOKEEPER-2797) Invalid TTL from misbehaving
client nukes zookeeper
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2797?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16030363#comment-16030363 ]
ASF GitHub Bot commented on ZOOKEEPER-2797:
-------------------------------------------
GitHub user packysauce opened a pull request:
https://github.com/apache/zookeeper/pull/267
ZOOKEEPER-2797 Defend against bad TTLs from misbehaving clients
Validate the TTL before it makes it to the commit processor to prevent blowing up ZK
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/packysauce/zookeeper protect_from_bad_ttl
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/zookeeper/pull/267.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #267
----
commit 00541acbbffcd6c3d4267078f1644e554e1200f8
Author: Patrick White <pa...@patrickwhite.org>
Date: 2017-05-30T20:22:41Z
ZOOKEEPER-2797 Defend against bad TTLs from misbehaving clients
----
> Invalid TTL from misbehaving client nukes zookeeper
> ---------------------------------------------------
>
> Key: ZOOKEEPER-2797
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2797
> Project: ZooKeeper
> Issue Type: Bug
> Components: security, server
> Affects Versions: 3.6.0
> Reporter: Patrick White
>
> I was adding container and TTL support to kazoo, and managed to screw something up which set the TTL to a negative value. This invalid TTL blew up the commit processor, and got written to the log, preventing the zookeepers from starting back up.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)