Uploaded image for project: 'Hadoop YARN'
  1. Hadoop YARN
  2. YARN-5065 Umbrella JIRA of SLS fixes / improvements
  3. YARN-6506

Fix the code vulnerability of org.apache.hadoop.yarn.sls.SLSRunner.simulateInfoMap

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Cannot Reproduce
    • None
    • None
    • scheduler-load-simulator
    • None

    Description

      It is reported by findbugs in YARN-6423.

      MS_MUTABLE_COLLECTION: Field is a mutable collection

      A mutable collection instance is assigned to a final static field, thus can be changed by malicious code or by accident from another package. Consider wrapping this field into Collections.unmodifiableSet/List/Map/etc. to avoid this vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            yufeigu Yufei Gu
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: