HDDS-7760. Let ContainerDataConstructor extend SafeConstructor #4162
adoroszlai merged 3 commits into apache:master from
adoroszlai
left a comment
Thanks @rohit-kb for working on this.
I think we also need to update new Yaml calls in a few places, passing SafeConstructor instance:
Thanks @adoroszlai, just want to know a little about the role of SafeConstructor instance in Yaml object creations.
adoroszlai
left a comment
Thanks @rohit-kb for updating the patch.
| options.setPrettyFlow(true); | ||
| options.setDefaultFlowStyle(DumperOptions.FlowStyle.FLOW); | ||
| Yaml yaml = new Yaml(options); | ||
| Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()), new Representer(options), options); |
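Review bot: The added line `Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions()), new Representer(options), options);` carries no comment explaining why a loader-side constructor is passed to an instance that is otherwise configured only with dump options (`setPrettyFlow`, `setDefaultFlowStyle`). A one-line comment referencing CVE-2022-1471 would keep a later cleanup from collapsing it back to `new Yaml(options)`. Since the same safe construction is needed wherever `new Yaml` is called, a small shared factory method would also keep it in one place.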
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/container/common/helpers/DatanodeIdYaml.java
62: Line is longer than 80 characters (found 102).
https://github.com/rohit-kb/ozone/actions/runs/3882072979/jobs/6621789972#step:6:427
||
| try { | ||
| Yaml yaml = new Yaml(); | ||
| Yaml yaml = new Yaml(new SafeConstructor(new LoaderOptions())); |
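Review bot: A bare `SafeConstructor`, as passed in `new Yaml(new SafeConstructor(new LoaderOptions()))`, builds only standard maps, lists and scalars, so the load call that follows inside this `try` (not visible in the hunk) must not rely on SnakeYAML instantiating a project class. If it loads into a typed object, either read the document as a Map and populate the object explicitly, or pass a SafeConstructor subclass limited to the expected type, in the way the PR title describes for ContainerDataConstructor.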
Looks like this causes test failures:
Tests run: 5, Failures: 4, Errors: 0, Skipped: 0, Time elapsed: 0.268 s <<< FAILURE! - in org.apache.hadoop.hdds.scm.net.TestYamlSchemaLoader
https://github.com/rohit-kb/ozone/actions/runs/3882072979/jobs/6621790406#step:6:584
Can you please check?
thanks for the review, looking into it
This reverts commit cacbccd.
What changes were proposed in this pull request?
Finding and replacing Constructor() class of snakeyaml with SafeConstructor() due to CVE-2022-1471
What is the link to the Apache JIRA
https://issues.apache.org/jira/browse/HDDS-7760
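
What a `SafeConstructor` changes at load time, as an added example that is not code from this pull request or from Ozone. It assumes SnakeYAML is on the classpath; `SafeLoadDemo`, `NodeConfig` and both sample documents are constructed for illustration.

```java
import java.util.Map;
import java.util.function.Supplier;
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.yaml.snakeyaml.error.YAMLException;

public class SafeLoadDemo {
  // Hypothetical bean standing in for a typed configuration class.
  public static class NodeConfig {
    public String uuid;
    public int port;
  }

  static Yaml safeYaml() {
    return new Yaml(new SafeConstructor(new LoaderOptions()));
  }

  // Runs a load and reports whether SnakeYAML accepted or refused it.
  static String attempt(Supplier<Object> load) {
    try {
      Object o = load.get();
      return "loaded " + o.getClass().getName();
    } catch (YAMLException e) {
      return "refused (" + e.getClass().getSimpleName() + ")";
    }
  }

  public static void main(String[] args) {
    // Constructed sample documents.
    String plain = "uuid: abc-123\nport: 9858\n";
    String tagged = "!!java.util.concurrent.atomic.AtomicInteger 5\n";

    // Plain mappings still load, as standard collections and scalars.
    System.out.println("plain:  " + attempt(() -> safeYaml().load(plain)));
    // A global tag naming a Java class is refused instead of instantiated.
    System.out.println("tagged: " + attempt(() -> safeYaml().load(tagged)));
    // A typed load is refused as well: the target class is not a standard type.
    System.out.println("typed:  " + attempt(() -> safeYaml().loadAs(plain, NodeConfig.class)));

    // Safe pattern: read a Map, then validate and copy the expected fields.
    Map<String, Object> map = safeYaml().load(plain);
    NodeConfig cfg = new NodeConfig();
    cfg.uuid = (String) map.get("uuid");
    cfg.port = (Integer) map.get("port");
    System.out.println("mapped: " + cfg.uuid + ":" + cfg.port);
  }
}
```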