You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2016/02/10 21:12:51 UTC
ambari git commit: AMBARI-14984 - Script Alert Parameters With Shell
Characters Are Not Properly Escaped (jonathanhurley)
Repository: ambari
Updated Branches:
refs/heads/trunk 946ac82e7 -> 5e6a5556b
AMBARI-14984 - Script Alert Parameters With Shell Characters Are Not Properly Escaped (jonathanhurley)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/5e6a5556
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/5e6a5556
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/5e6a5556
Branch: refs/heads/trunk
Commit: 5e6a5556b2a40435c6d35d7851e88d896350f53d
Parents: 946ac82
Author: Jonathan Hurley <jh...@hortonworks.com>
Authored: Tue Feb 9 18:38:55 2016 -0500
Committer: Jonathan Hurley <jh...@hortonworks.com>
Committed: Wed Feb 10 15:12:42 2016 -0500
----------------------------------------------------------------------
ambari-funtest/pom.xml | 5 --
ambari-project/pom.xml | 2 +-
ambari-server/pom.xml | 5 --
.../dispatchers/AlertScriptDispatcher.java | 18 +++++-
.../services/AlertNoticeDispatchService.java | 2 +-
.../state/services/CachedAlertFlushService.java | 2 +-
.../dispatchers/AlertScriptDispatcherTest.java | 61 ++++++++++++++++++++
7 files changed, 80 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-funtest/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-funtest/pom.xml b/ambari-funtest/pom.xml
index b9c591f..4fa342f 100644
--- a/ambari-funtest/pom.xml
+++ b/ambari-funtest/pom.xml
@@ -496,11 +496,6 @@
<version>4.2.5</version>
</dependency>
<dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- <version>14.0.1</version>
- </dependency>
- <dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
<version>1.3.9</version>
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-project/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index f19ca14..ed94004 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -220,7 +220,7 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>14.0.1</version>
+ <version>16.0</version>
</dependency>
<dependency>
<groupId>com.google.code.findbugs</groupId>
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-server/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index b500fb2..51fd88b 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1179,11 +1179,6 @@
<version>4.2.5</version>
</dependency>
<dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- <version>14.0.1</version>
- </dependency>
- <dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
<version>1.3.9</version>
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-server/src/main/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcher.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcher.java b/ambari-server/src/main/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcher.java
index 092aaf4..907588d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcher.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcher.java
@@ -40,6 +40,8 @@ import org.apache.commons.lang.SystemUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.common.escape.Escaper;
+import com.google.common.escape.Escapers;
import com.google.inject.Inject;
/**
@@ -82,6 +84,18 @@ public class AlertScriptDispatcher implements NotificationDispatcher {
private static final long DEFAULT_SCRIPT_TIMEOUT = 5000L;
/**
+ * Used to escape text being passed into the shell command.
+ */
+ public static final Escaper SHELL_ESCAPE;
+
+ static {
+ final Escapers.Builder builder = Escapers.builder();
+ builder.addEscape('\"', "\\\"");
+ builder.addEscape('!', "\\!");
+ SHELL_ESCAPE = builder.build();
+ }
+
+ /**
* Configuration data from the ambari.properties file.
*/
@Inject
@@ -242,8 +256,8 @@ public class AlertScriptDispatcher implements NotificationDispatcher {
// these could have spaces in them, so quote them so they don't mess up the
// command line
- String alertLabel = "\"" + definition.getLabel() + "\"";
- String alertText = "\"" + alertInfo.getAlertText() + "\"";
+ String alertLabel = "\"" + SHELL_ESCAPE.escape(definition.getLabel()) + "\"";
+ String alertText = "\"" + SHELL_ESCAPE.escape(alertInfo.getAlertText()) + "\"";
Object[] params = new Object[] { script, definitionName, alertLabel, serviceName,
alertState.name(), alertText };
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-server/src/main/java/org/apache/ambari/server/state/services/AlertNoticeDispatchService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/services/AlertNoticeDispatchService.java b/ambari-server/src/main/java/org/apache/ambari/server/state/services/AlertNoticeDispatchService.java
index 3a88f37..a27bc1d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/services/AlertNoticeDispatchService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/services/AlertNoticeDispatchService.java
@@ -712,7 +712,7 @@ public class AlertNoticeDispatchService extends AbstractScheduledService {
*
* @param history
*/
- protected AlertInfo(AlertHistoryEntity history) {
+ public AlertInfo(AlertHistoryEntity history) {
m_history = history;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-server/src/main/java/org/apache/ambari/server/state/services/CachedAlertFlushService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/services/CachedAlertFlushService.java b/ambari-server/src/main/java/org/apache/ambari/server/state/services/CachedAlertFlushService.java
index 72bf68a..2e38c9b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/services/CachedAlertFlushService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/services/CachedAlertFlushService.java
@@ -76,7 +76,7 @@ public class CachedAlertFlushService extends AbstractScheduledService {
protected void startUp() throws Exception {
boolean enabled = m_configuration.isAlertCacheEnabled();
if (!enabled) {
- stop();
+ stopAsync();
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/5e6a5556/ambari-server/src/test/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcherTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcherTest.java b/ambari-server/src/test/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcherTest.java
index 12141c9..9e0e406 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcherTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/notifications/dispatchers/AlertScriptDispatcherTest.java
@@ -20,6 +20,7 @@ package org.apache.ambari.server.notifications.dispatchers;
import java.lang.reflect.Field;
import java.util.Collections;
import java.util.HashMap;
+import java.util.List;
import java.util.UUID;
import java.util.concurrent.Executor;
@@ -28,8 +29,12 @@ import org.apache.ambari.server.notifications.DispatchCallback;
import org.apache.ambari.server.notifications.DispatchFactory;
import org.apache.ambari.server.notifications.Notification;
import org.apache.ambari.server.notifications.NotificationDispatcher;
+import org.apache.ambari.server.orm.entities.AlertDefinitionEntity;
+import org.apache.ambari.server.orm.entities.AlertHistoryEntity;
+import org.apache.ambari.server.state.AlertState;
import org.apache.ambari.server.state.alert.AlertNotification;
import org.apache.ambari.server.state.alert.TargetType;
+import org.apache.ambari.server.state.services.AlertNoticeDispatchService.AlertInfo;
import org.apache.ambari.server.state.stack.OsFamily;
import org.easymock.EasyMock;
import org.junit.Before;
@@ -44,6 +49,8 @@ import com.google.inject.Guice;
import com.google.inject.Inject;
import com.google.inject.Injector;
+import junit.framework.Assert;
+
/**
* Tests {@link AlertScriptDispatcher}.
*/
@@ -217,6 +224,60 @@ public class AlertScriptDispatcherTest {
}
/**
+ * Tests that arguments given to the {@link ProcessBuilder} are properly
+ * escaped.
+ *
+ * @throws Exception
+ */
+ @Test
+ public void testArgumentEscaping() throws Exception {
+ final String ALERT_DEFINITION_NAME = "mock_alert_with_quotes";
+ final String ALERT_DEFINITION_LABEL = "Mock alert with Quotes";
+ final String ALERT_LABEL = "Alert Label";
+ final String ALERT_SERVICE_NAME = "FOO_SERVICE";
+ final String ALERT_TEXT = "Did you know, \"Quotes are hard!!!\"";
+ final String ALERT_TEXT_ESCAPED = "Did you know, \\\"Quotes are hard\\!\\!\\!\\\"";
+
+ DispatchCallback callback = EasyMock.createNiceMock(DispatchCallback.class);
+ AlertNotification notification = new AlertNotification();
+ notification.Callback = callback;
+ notification.CallbackIds = Collections.singletonList(UUID.randomUUID().toString());
+
+ AlertDefinitionEntity definition = new AlertDefinitionEntity();
+ definition.setDefinitionName(ALERT_DEFINITION_NAME);
+ definition.setLabel(ALERT_DEFINITION_LABEL);
+
+ AlertHistoryEntity history = new AlertHistoryEntity();
+ history.setAlertDefinition(definition);
+ history.setAlertLabel(ALERT_LABEL);
+ history.setAlertText(ALERT_TEXT);
+ history.setAlertState(AlertState.OK);
+ history.setServiceName(ALERT_SERVICE_NAME);
+
+ AlertInfo alertInfo = new AlertInfo(history);
+ notification.setAlertInfo(alertInfo);
+
+ AlertScriptDispatcher dispatcher = new AlertScriptDispatcher();
+ m_injector.injectMembers(dispatcher);
+
+ ProcessBuilder processBuilder = dispatcher.getProcessBuilder(SCRIPT_CONFIG_VALUE, notification);
+ List<String> commands = processBuilder.command();
+ Assert.assertEquals(3, commands.size());
+ Assert.assertEquals("sh", commands.get(0));
+ Assert.assertEquals("-c", commands.get(1));
+
+ StringBuilder buffer = new StringBuilder();
+ buffer.append(SCRIPT_CONFIG_VALUE).append(" ");
+ buffer.append(ALERT_DEFINITION_NAME).append(" ");
+ buffer.append("\"").append(ALERT_DEFINITION_LABEL).append("\"").append(" ");
+ buffer.append(ALERT_SERVICE_NAME).append(" ");
+ buffer.append(AlertState.OK).append(" ");
+ buffer.append("\"").append(ALERT_TEXT_ESCAPED).append("\"");
+
+ Assert.assertEquals(buffer.toString(), commands.get(2));
+ }
+
+ /**
*
*/
private class MockModule extends AbstractModule {