You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Dapeng Sun (JIRA)" <ji...@apache.org> on 2016/03/03 04:45:18 UTC
[jira] [Commented] (HADOOP-12869) CryptoInputStream#read() may
return incorrect result
[ https://issues.apache.org/jira/browse/HADOOP-12869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15177100#comment-15177100 ]
Dapeng Sun commented on HADOOP-12869:
-------------------------------------
Added [~dian.fu] who investigated this issue together with me.
> CryptoInputStream#read() may return incorrect result
> ----------------------------------------------------
>
> Key: HADOOP-12869
> URL: https://issues.apache.org/jira/browse/HADOOP-12869
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.7.2, 3.0.0
> Reporter: Dapeng Sun
> Assignee: Dapeng Sun
> Priority: Critical
> Attachments: HADOOP-12869.001.patch
>
>
> Here is the comment of {{FilterInputStream#read()}}:
> {noformat}
> /**
> * Reads the next byte of data from this input stream. The value
> * byte is returned as an <code>int</code> in the range
> * <code>0</code> to <code>255</code>. If no byte is available
> * because the end of the stream has been reached, the value
> * <code>-1</code> is returned. This method blocks until input data
> * is available, the end of the stream is detected, or an exception
> * is thrown.
> * <p>
> * This method
> * simply performs <code>in.read()</code> and returns the result.
> *
> * @return the next byte of data, or <code>-1</code> if the end of the
> * stream is reached.
> * @exception IOException if an I/O error occurs.
> * @see java.io.FilterInputStream#in
> */
> public int read() throws IOException {
> return in.read();
> }
> {noformat}
> Here is the implementation of {{CryptoInputStream#read()}} in Hadoop Common:
> {noformat}
> @Override
> public int read() throws IOException {
> return (read(oneByteBuf, 0, 1) == -1) ? -1 : (oneByteBuf[0] & 0xff);
> }
> {noformat}
> The return value of {{read(oneByteBuf, 0, 1)}} maybe 1, -1 and 0:
> For {{1}}: we should return the content of {{oneByteBuf}}
> For {{-1}}: we should return {{-1}} to stand for the end of stream
> For {{0}}: it means we didn't get decryption data back and it is not the end of the stream, we should continue to decrypt the stream. But it return {{0}} on {{read()}} in current implementation, it means the decrypted content is {{0}} and it is incorrect.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)