You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by ng...@apache.org on 2020/01/13 18:27:09 UTC
[hive] branch branch-3 updated: HIVE-22708: Fix for HttpTransport
to replace String.equals (Naveen Gangam, reviewed by Peter Vary)
This is an automated email from the ASF dual-hosted git repository.
ngangam pushed a commit to branch branch-3
in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/branch-3 by this push:
new 689263a HIVE-22708: Fix for HttpTransport to replace String.equals (Naveen Gangam, reviewed by Peter Vary)
689263a is described below
commit 689263a5afd642582c624120dae7aca8a8046132
Author: Naveen Gangam <ng...@cloudera.com>
AuthorDate: Mon Jan 13 13:05:46 2020 -0500
HIVE-22708: Fix for HttpTransport to replace String.equals (Naveen Gangam, reviewed by Peter Vary)
---
service/src/java/org/apache/hive/service/CookieSigner.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/service/src/java/org/apache/hive/service/CookieSigner.java b/service/src/java/org/apache/hive/service/CookieSigner.java
index ec741ed..c4d88de 100644
--- a/service/src/java/org/apache/hive/service/CookieSigner.java
+++ b/service/src/java/org/apache/hive/service/CookieSigner.java
@@ -81,7 +81,7 @@ public class CookieSigner {
if (LOG.isDebugEnabled()) {
LOG.debug("Signature generated for " + rawValue + " inside verify is " + currentSignature);
}
- if (!originalSignature.equals(currentSignature)) {
+ if (!MessageDigest.isEqual(originalSignature.getBytes(), currentSignature.getBytes())) {
throw new IllegalArgumentException("Invalid sign, original = " + originalSignature +
" current = " + currentSignature);
}