ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-1152

Exceptions thrown from handleAuthentication can cause buffer corruption issues in NIOServer

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.3.3, 3.4.0
    • Fix Version/s: 3.4.0
    • Component/s: server
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      Exceptions thrown by an AuthenticationProvider's handleAuthentication method will not be caught, and can cause the buffers in the NIOServer to not read requests fully or properly. Any exceptions thrown here should be caught and treated as auth failure.

      1. ZOOKEEPER-1152.patch
        4 kB
        Camille Fournier

        Activity

        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12490841/ZOOKEEPER-1152.patch
        against trunk revision 1157698.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 6 new or modified tests.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed core unit tests.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//testReport/
        Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
        Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12490841/ZOOKEEPER-1152.patch against trunk revision 1157698. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 6 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/464//console This message is automatically generated.
        Hide
        Camille Fournier added a comment -

        Can someone please take a look at this? It would be nice to get this into 3.4 since it is a rather nasty thing to deal with.

        Show
        Camille Fournier added a comment - Can someone please take a look at this? It would be nice to get this into 3.4 since it is a rather nasty thing to deal with.
        Hide
        Benjamin Reed added a comment -

        +1 looks good camille. committing now.

        Show
        Benjamin Reed added a comment - +1 looks good camille. committing now.
        Hide
        Benjamin Reed added a comment -

        Updated to revision 1159927.

        Show
        Benjamin Reed added a comment - Updated to revision 1159927.
        Hide
        Hudson added a comment -

        Integrated in ZooKeeper-trunk #1272 (See https://builds.apache.org/job/ZooKeeper-trunk/1272/)
        ZOOKEEPER-1152. Exceptions thrown from handleAuthentication can cause buffer corruption issues in NIOServer.

        breed : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1159929
        Files :

        • /zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
        • /zookeeper/trunk/CHANGES.txt
        • /zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java
        Show
        Hudson added a comment - Integrated in ZooKeeper-trunk #1272 (See https://builds.apache.org/job/ZooKeeper-trunk/1272/ ) ZOOKEEPER-1152 . Exceptions thrown from handleAuthentication can cause buffer corruption issues in NIOServer. breed : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1159929 Files : /zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java /zookeeper/trunk/CHANGES.txt /zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java

          People

          • Assignee:
            Camille Fournier
            Reporter:
            Camille Fournier
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development