ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-758

zkpython segfaults on invalid acl with missing key

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.3.0, 3.4.0
    • Fix Version/s: 3.3.1, 3.4.0
    • Component/s: contrib-bindings
    • Labels:
      None
    • Environment:

      ubuntu lucid (10.04)

    • Hadoop Flags:
      Reviewed

      Description

      Currently when setting an acl, there is a minimal parse to ensure that its a list of dicts, however if one of the dicts is missing a required key, the subsequent usage doesn't check for it, and will segfault.. for example using an acl of [

      {"schema":id, "id":world, permissions:PERM_ALL}

      ] will segfault if used, because the scheme key is missing (its been purposefully typo'd to schema in example).

      I've expanded the check_acl macro to include verifying that all keys are present and added some unit tests against trunk in the attachments.

      1. ZOOKEEPER-758.patch
        2 kB
        Henry Robinson
      2. ZOOKEEPER-758.patch
        2 kB
        Henry Robinson
      3. invalid-acl-fix-and-test.diff
        2 kB
        Kapil Thangavelu

        Activity

        Hide
        Henry Robinson added a comment -

        I just committed this. Thanks Kapil!

        Show
        Henry Robinson added a comment - I just committed this. Thanks Kapil!
        Hide
        Hadoop QA added a comment -

        +1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12443301/ZOOKEEPER-758.patch
        against trunk revision 939172.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 3 new or modified tests.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 findbugs. The patch does not introduce any new Findbugs warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed core unit tests.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/testReport/
        Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
        Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - +1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12443301/ZOOKEEPER-758.patch against trunk revision 939172. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 3 new or modified tests. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/79/console This message is automatically generated.
        Hide
        Henry Robinson added a comment -

        forgot --no-prefix.

        Show
        Henry Robinson added a comment - forgot --no-prefix.
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12443299/ZOOKEEPER-758.patch
        against trunk revision 939172.

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 3 new or modified tests.

        -1 patch. The patch command could not apply the patch.

        Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/78/console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12443299/ZOOKEEPER-758.patch against trunk revision 939172. +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 3 new or modified tests. -1 patch. The patch command could not apply the patch. Console output: http://hudson.zones.apache.org/hudson/job/Zookeeper-Patch-h1.grid.sp2.yahoo.net/78/console This message is automatically generated.
        Hide
        Henry Robinson added a comment -

        I have reviewed this, and it looks good. Thanks Kapil!

        Show
        Henry Robinson added a comment - I have reviewed this, and it looks good. Thanks Kapil!
        Hide
        Henry Robinson added a comment -

        Kapil -

        Thanks for the patch! Unfortunately it didn't apply cleanly against trunk because I think you had added 'test_acl_validity' to acl_test.py which was not included in the diff.

        I'm attaching a patch that applies cleanly to trunk - no code changes from your patch.

        Thanks,

        Henry

        Show
        Henry Robinson added a comment - Kapil - Thanks for the patch! Unfortunately it didn't apply cleanly against trunk because I think you had added 'test_acl_validity' to acl_test.py which was not included in the diff. I'm attaching a patch that applies cleanly to trunk - no code changes from your patch. Thanks, Henry
        Hide
        Kapil Thangavelu added a comment -

        patch for zkpython to verify acl keys in dict, and tests.

        Show
        Kapil Thangavelu added a comment - patch for zkpython to verify acl keys in dict, and tests.

          People

          • Assignee:
            Kapil Thangavelu
            Reporter:
            Kapil Thangavelu
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development