
[Pulsar admin] admin command 'get-message-by-id' can get message by messageId regardless of topic name #11814

Closed
zhanghaou opened this issue Aug 27, 2021 · 10 comments · Fixed by #11852
Labels
type/bug The PR fixed a bug or issue reported a bug

Comments

@zhanghaou
Contributor

image

@zhanghaou zhanghaou added the type/bug The PR fixed a bug or issue reported a bug label Aug 27, 2021
@leizhiyuan
Contributor

which version do you use?

@zhanghaou
Contributor Author

> which version do you use?

2.8.0

@leizhiyuan
Contributor

leizhiyuan commented Aug 27, 2021

Now, it seems the topic is only used to validate that the ledgerId belongs to the topic, plus some auth checks, etc.

When validation succeeds, it invokes the ledger to fetch the message; there is no check after finding the message by id.

If topic1 and topic2 were put into the same ledger, this would not be right.

image

@leizhiyuan
Contributor

Maybe what we need is to clarify the description.

Because in get-message-by-id you know the ledgerId and entryId, which topic the message belongs to is very clear.

@gaozhangmin
Contributor

Topic is useless in this command. Maybe we should remove it.

@leizhiyuan
Contributor

> Topic is useless in this command. Maybe we should remove it.

image

But now it has some prechecks, and once the checks are done, when querying the message, the topic name has no meaning. I think it is confusing sometimes.

@zhanghaou
Contributor Author

> Topic is useless in this command. Maybe we should remove it.

Topic is useful for lookup, and can redirect to the owner broker for finding the managedLedger. But even if we get the wrong managedLedger, we can use the managedLedger to get the message. Maybe we can add createIfMissing in the method 'getLedgerHandle'.

@zhanghaou
Contributor Author

> If topic1 and topic2 were put into the same ledger, this would not be right.

Can messages from different topics be put into the same ledger?

@gaozhangmin
Contributor

> Can messages from different topics be put into the same ledger?

No.

sijie pushed a commit that referenced this issue Sep 2, 2021
Fix #11814: if we use another topic to find the message, it will return the message, but we may contaminate the ledger cache in the topic.

**changes**
Add a check in the method 'internalGetMessageById' in PersistentTopicsBase: if the ledgerId does not belong to this topic, throw an exception.
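The check described in that commit message, reduced to a stand-alone illustration (this is added example code, not Pulsar's PersistentTopicsBase or its managed-ledger classes; the TopicLedgers, LedgerStore and handle-cache types below are simplified stand-ins). It shows the behaviour the thread describes, where the topic only locates the store and the read then goes by ledgerId alone, beside the fixed behaviour that rejects a ledgerId the topic does not own before any handle is opened, so the per-topic cache is not contaminated:

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Illustrative model only; these are not Pulsar's real classes or method signatures.
public class GetMessageByIdCheck {

    /** What a topic's managed ledger knows: the ledgers it owns, in order. */
    static final class TopicLedgers {
        final String name;
        final List<Long> ownedLedgerIds;
        // Per-topic cache of opened ledger handles (the handle is just a string here).
        final Map<Long, String> ledgerHandleCache = new HashMap<>();

        TopicLedgers(String name, List<Long> ownedLedgerIds) {
            this.name = name;
            this.ownedLedgerIds = ownedLedgerIds;
        }

        boolean ownsLedger(long ledgerId) {
            return ownedLedgerIds.contains(ledgerId);
        }
    }

    /** Entry storage keyed by (ledgerId, entryId); like BookKeeper, it knows nothing about topics. */
    static final class LedgerStore {
        private final Map<Long, Map<Long, String>> ledgers = new HashMap<>();

        void put(long ledgerId, long entryId, String payload) {
            ledgers.computeIfAbsent(ledgerId, k -> new HashMap<>()).put(entryId, payload);
        }

        String read(long ledgerId, long entryId) {
            Map<Long, String> ledger = ledgers.get(ledgerId);
            if (ledger == null || !ledger.containsKey(entryId)) {
                throw new IllegalArgumentException("no entry " + ledgerId + ":" + entryId);
            }
            return ledger.get(entryId);
        }
    }

    /** Behaviour the issue reports: the topic only locates the store, then the read is by id alone. */
    static String getMessageByIdUnchecked(LedgerStore store, TopicLedgers topic, long ledgerId, long entryId) {
        // Opening a handle under this topic for a ledger it does not own is the cache contamination.
        topic.ledgerHandleCache.computeIfAbsent(ledgerId, id -> "handle-" + id);
        return store.read(ledgerId, entryId);
    }

    /** Behaviour after the fix: refuse ledgerIds the topic does not own before touching cache or store. */
    static String getMessageByIdChecked(LedgerStore store, TopicLedgers topic, long ledgerId, long entryId) {
        if (!topic.ownsLedger(ledgerId)) {
            throw new IllegalArgumentException(
                    "ledgerId " + ledgerId + " does not belong to topic " + topic.name);
        }
        topic.ledgerHandleCache.computeIfAbsent(ledgerId, id -> "handle-" + id);
        return store.read(ledgerId, entryId);
    }

    public static void main(String[] args) {
        // Constructed sample data: each topic owns exactly one ledger.
        LedgerStore store = new LedgerStore();
        store.put(10L, 0L, "message from topicA");
        store.put(20L, 0L, "message from topicB");
        TopicLedgers topicA = new TopicLedgers("persistent://public/default/topicA", List.of(10L));
        TopicLedgers topicB = new TopicLedgers("persistent://public/default/topicB", List.of(20L));

        // Unchecked: asking topicA for ledger 20 returns topicB's entry and pollutes topicA's cache.
        System.out.println(getMessageByIdUnchecked(store, topicA, 20L, 0L));
        System.out.println("topicA cache after unchecked read: " + topicA.ledgerHandleCache.keySet());

        // Checked: the same cross-topic request is rejected and topicB's cache stays clean.
        try {
            getMessageByIdChecked(store, topicB, 10L, 0L);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        System.out.println(getMessageByIdChecked(store, topicB, 20L, 0L));
        System.out.println("topicB cache: " + topicB.ledgerHandleCache.keySet());
    }
}
```

The ownership test runs before the handle is opened, which is the ordering that matters: checking after the read would still leave the foreign ledger handle in the topic's cache.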
eolivelli pushed a commit to eolivelli/pulsar that referenced this issue Sep 2, 2021
Fix apache#11814: if we use another topic to find the message, it will return the message, but we may contaminate the ledger cache in the topic.

**changes**
Add a check in the method 'internalGetMessageById' in PersistentTopicsBase: if the ledgerId does not belong to this topic, throw an exception.

(cherry picked from commit 9bfb3db)
eolivelli pushed a commit to datastax/pulsar that referenced this issue Sep 2, 2021
Fix apache#11814: if we use another topic to find the message, it will return the message, but we may contaminate the ledger cache in the topic.

**changes**
Add a check in the method 'internalGetMessageById' in PersistentTopicsBase: if the ledgerId does not belong to this topic, throw an exception.

(cherry picked from commit 9bfb3db)
hangc0276 pushed a commit that referenced this issue Sep 3, 2021
Fix #11814: if we use another topic to find the message, it will return the message, but we may contaminate the ledger cache in the topic.

**changes**
Add a check in the method 'internalGetMessageById' in PersistentTopicsBase: if the ledgerId does not belong to this topic, throw an exception.

(cherry picked from commit 9bfb3db)
@zhanghaou
Contributor Author

> @zhanghaou
> thank you for sharing this finding.
>
> this bug looks like a security issue.
> please consider filing a "Security report" next time.
> This issue is disclosing a potential security risk to a wide audience.
>
> the correct process is to send an email to security@apache.org or to private@pulsar.apache.org
>
> we will follow up with a release soon

OK.

bharanic-dev pushed a commit to bharanic-dev/pulsar that referenced this issue Mar 18, 2022
Fix apache#11814: if we use another topic to find the message, it will return the message, but we may contaminate the ledger cache in the topic.

**changes**
Add a check in the method 'internalGetMessageById' in PersistentTopicsBase: if the ledgerId does not belong to this topic, throw an exception.