[HBASE-8811] REST service ignores misspelled "check=" parameter, causing unexpected mutations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 0.98.0, 0.95.2, 0.94.9
Fix Version/s: 0.98.0, 0.95.2, 0.94.10
Component/s: REST
Labels:
None

Description

In rest.RowResource.update(), this code keeps executing a request if a misspelled check= parameter is provided.

    if (CHECK_PUT.equalsIgnoreCase(check)) {
      return checkAndPut(model);
    } else if (CHECK_DELETE.equalsIgnoreCase(check)) {
      return checkAndDelete(model);
    } else if (check != null && check.length() > 0) {
      LOG.warn("Unknown check value: " + check + ", ignored");
    }

By my reading of the code, this results in the provided cell value that was intended as a check instead being treated as a mutation, which is sure to destroy user data. Thus the priority of this bug, as it can cause corruption.

I suggest that a better reaction than a warning would be, approximately:

return Response.status(Response.Status.BAD_REQUEST)
        .type(MIMETYPE_TEXT).entity("Invalid check value '" + check + "'")
        .build();

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

8811.patch
27/Jun/13 05:03
2 kB
Andrew Kyle Purtell
8811-0.94.patch
27/Jun/13 05:03
2 kB
Andrew Kyle Purtell

Activity

People

Assignee:: Chip Salzenberg

Reporter:: Chip Salzenberg

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Jun/13 02:00

Updated:: 24/Jul/13 19:08

Resolved:: 27/Jun/13 05:07