Description
Problem:
In `Configuration.java`, the `getBoolean` can accept any valueString and return the default value for any string except “true” or “false” (ignoring case):
if (StringUtils.equalsIgnoreCase("true", valueString)) return true; else if (StringUtils.equalsIgnoreCase("false", valueString)) return false; else return defaultValue;
If the user misspells some boolean configuration value, for example, “true” to “ture”, then getBoolean will directly return the default value without logging any warning message. If the default value is “false”, then Hadoop is actually using a totally different value (“false”) compared to the user’s expectation (“true”) and the user even doesn’t know it.
This can lead to serious issues, especially regarding security features.
Other projects such as Alluxio are doing more rigorous and explicit check.
https://github.com/xlab-uiuc/ctest-alluxio/blob/master/core/common/src/main/java/alluxio/conf/InstancedConfiguration.java#L366
in which the getBoolean method will fail immediately if the value is invalid.
Solution:
We can log one warning message before getBoolean return the default value for unrecognized value:
if (StringUtils.equalsIgnoreCase("true", valueString)) return true; else if (StringUtils.equalsIgnoreCase("false", valueString)) return false; else { LOG.warn("Invalid value for boolean: " + valueString + ", choose default value: " + defaultValue + " for " + name); return defaultValue; }
I attach a patch to log the warning message.