Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12579

Deprecate WriteableRPCEngine

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.0.0-alpha2
    • None
    • None

    Description

      The WriteableRPCEninge depends on Java's serialization mechanisms for RPC requests. Without proper checks, it has be shown that it can lead to security vulnerabilities such as remote code execution (e.g., COLLECTIONS-580, HADOOP-12577).

      The current implementation has migrated from WriteableRPCEngine to ProtobufRPCEngine now. This jira proposes to deprecate WriteableRPCEngine in branch-2 and to remove it in trunk.

      Attachments

        1. HADOOP-12579-v1.patch
          61 kB
          Kai Zheng
        2. HADOOP-12579-v10.patch
          103 kB
          Kai Zheng
        3. HADOOP-12579-v11.patch
          103 kB
          Kai Zheng
        4. HADOOP-12579-v12.patch
          1 kB
          Wei Zhou
        5. HADOOP-12579-v3.patch
          86 kB
          Kai Zheng
        6. HADOOP-12579-v4.patch
          65 kB
          Kai Zheng
        7. HADOOP-12579-v5.patch
          99 kB
          Kai Zheng
        8. HADOOP-12579-v6.patch
          101 kB
          Kai Zheng
        9. HADOOP-12579-v7.patch
          101 kB
          Kai Zheng
        10. HADOOP-12579-v8.patch
          103 kB
          Kai Zheng
        11. HADOOP-12579-v9.patch
          103 kB
          Kai Zheng

        Issue Links

          breaks

          Bug - A problem which impairs or prevents the functions of the product. MAPREDUCE-6705 Task failing continuously on trunk

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. YARN-5163 Migrate TestClientToAMTokens and TestClientRMTokens tests from the old RPC engine

          • Major - Major loss of function.
          • Resolved
          depends upon

          Improvement - An improvement or enhancement to an existing feature or task. MAPREDUCE-6706 Update TaskUmbilicalProtocol to use ProtobufRPCEngine

          • Major - Major loss of function.
          • Open
          incorporates

          Bug - A problem which impairs or prevents the functions of the product. MAPREDUCE-6775 Fix MapReduce failures caused by default RPC engine changing

          • Major - Major loss of function.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-12818 Deprecate RPC#waitForProxy and cleanup

          • Major - Major loss of function.
          • Patch Available
          relates to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-14511 WritableRpcEngine.Invocation#toString NPE on null parameters

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-12577 Bump up commons-collections version to 3.2.2 to address a security flaw

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. COLLECTIONS-580 Arbitrary remote code execution with InvokerTransformer

          • Major - Major loss of function.
          • Closed

          Activity

            People

              zhouwei Wei Zhou
              wheat9 Haohui Mai
              Votes:
              0 Vote for this issue
              Watchers:
              17 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: