[dolphinscheduler] branch dev updated: Remove the log path check (#13280)

Mon, 26 Dec 2022 06:40:17 -0800 

This is an automated email from the ASF dual-hosted git repository.

chufenggao pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git


The following commit(s) were added to refs/heads/dev by this push:
     new de70421a1e Remove the log path check (#13280)
de70421a1e is described below

commit de70421a1eefaf4105c2961787b3710fa4b94f4f
Author: Wenjun Ruan <[email protected]>
AuthorDate: Mon Dec 26 22:39:08 2022 +0800

    Remove the log path check (#13280)
---
 .../remote/processor/LoggerRequestProcessor.java   | 35 ----------------------
 .../service/log/LoggerRequestProcessorTest.java    | 13 ++------
 2 files changed, 3 insertions(+), 45 deletions(-)

diff --git 
a/dolphinscheduler-remote/src/main/java/org/apache/dolphinscheduler/remote/processor/LoggerRequestProcessor.java
 
b/dolphinscheduler-remote/src/main/java/org/apache/dolphinscheduler/remote/processor/LoggerRequestProcessor.java
index e695fd4494..8e8eb7bd4e 100644
--- 
a/dolphinscheduler-remote/src/main/java/org/apache/dolphinscheduler/remote/processor/LoggerRequestProcessor.java
+++ 
b/dolphinscheduler-remote/src/main/java/org/apache/dolphinscheduler/remote/processor/LoggerRequestProcessor.java
@@ -36,8 +36,6 @@ import 
org.apache.dolphinscheduler.remote.command.log.RollViewLogResponseCommand
 import org.apache.dolphinscheduler.remote.command.log.ViewLogRequestCommand;
 import org.apache.dolphinscheduler.remote.command.log.ViewLogResponseCommand;
 
-import org.apache.commons.lang3.StringUtils;
-
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
@@ -76,9 +74,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
                 GetLogBytesRequestCommand getLogRequest = 
JSONUtils.parseObject(
                         command.getBody(), GetLogBytesRequestCommand.class);
                 String path = getLogRequest.getPath();
-                if (!checkPathSecurity(path)) {
-                    throw new IllegalArgumentException("Illegal path: " + 
path);
-                }
                 byte[] bytes = getFileContentBytes(path);
                 GetLogBytesResponseCommand getLogResponse = new 
GetLogBytesResponseCommand(bytes);
                 
channel.writeAndFlush(getLogResponse.convert2Command(command.getOpaque()));
@@ -87,9 +82,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
                 ViewLogRequestCommand viewLogRequest = JSONUtils.parseObject(
                         command.getBody(), ViewLogRequestCommand.class);
                 String viewLogPath = viewLogRequest.getPath();
-                if (!checkPathSecurity(viewLogPath)) {
-                    throw new IllegalArgumentException("Illegal path: " + 
viewLogPath);
-                }
                 String msg = LogUtils.readWholeFileContent(viewLogPath);
                 ViewLogResponseCommand viewLogResponse = new 
ViewLogResponseCommand(msg);
                 
channel.writeAndFlush(viewLogResponse.convert2Command(command.getOpaque()));
@@ -99,9 +91,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
                         command.getBody(), RollViewLogRequestCommand.class);
 
                 String rollViewLogPath = rollViewLogRequest.getPath();
-                if (!checkPathSecurity(rollViewLogPath)) {
-                    throw new IllegalArgumentException("Illegal path: " + 
rollViewLogPath);
-                }
 
                 List<String> lines = readPartFileContent(rollViewLogPath,
                         rollViewLogRequest.getSkipLineNum(), 
rollViewLogRequest.getLimit());
@@ -134,9 +123,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
                         command.getBody(), RemoveTaskLogRequestCommand.class);
 
                 String taskLogPath = removeTaskLogRequest.getPath();
-                if (!checkPathSecurity(taskLogPath)) {
-                    throw new IllegalArgumentException("Illegal path: " + 
taskLogPath);
-                }
                 File taskLogFile = new File(taskLogPath);
                 boolean status = true;
                 try {
@@ -155,9 +141,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
                         JSONUtils.parseObject(command.getBody(), 
GetAppIdRequestCommand.class);
                 String appInfoPath = getAppIdRequestCommand.getAppInfoPath();
                 String logPath = getAppIdRequestCommand.getLogPath();
-                if (!checkPathSecurity(appInfoPath) || 
!checkPathSecurity(logPath)) {
-                    throw new IllegalArgumentException("Illegal path");
-                }
                 List<String> appIds = LogUtils.getAppIds(logPath, appInfoPath,
                         PropertyUtils.getString(APPID_COLLECT, 
DEFAULT_COLLECT_WAY));
                 channel.writeAndFlush(
@@ -168,24 +151,6 @@ public class LoggerRequestProcessor implements 
NettyRequestProcessor {
         }
     }
 
-    /**
-     * LogServer only can read the logs dir.
-     * @param path
-     * @return
-     */
-    private boolean checkPathSecurity(String path) {
-        String dsHome = System.getProperty("DOLPHINSCHEDULER_WORKER_HOME");
-        if (StringUtils.isBlank(dsHome)) {
-            dsHome = System.getProperty("user.dir");
-        }
-        if (StringUtils.isBlank(path)) {
-            logger.warn("path is null");
-            return false;
-        } else {
-            return path.startsWith(dsHome) && !path.contains("../") && 
path.endsWith(".log");
-        }
-    }
-
     /**
      * get files content bytes for download file
      *
diff --git 
a/dolphinscheduler-service/src/test/java/org/apache/dolphinscheduler/service/log/LoggerRequestProcessorTest.java
 
b/dolphinscheduler-service/src/test/java/org/apache/dolphinscheduler/service/log/LoggerRequestProcessorTest.java
index 167f0a54d9..fb02a3be48 100644
--- 
a/dolphinscheduler-service/src/test/java/org/apache/dolphinscheduler/service/log/LoggerRequestProcessorTest.java
+++ 
b/dolphinscheduler-service/src/test/java/org/apache/dolphinscheduler/service/log/LoggerRequestProcessorTest.java
@@ -25,7 +25,6 @@ import 
org.apache.dolphinscheduler.remote.processor.LoggerRequestProcessor;
 import org.apache.dolphinscheduler.service.utils.LoggerUtils;
 
 import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@@ -80,9 +79,7 @@ public class LoggerRequestProcessorTest {
         command.setBody(JSONUtils.toJsonByteArray(logRequestCommand));
 
         LoggerRequestProcessor loggerRequestProcessor = new 
LoggerRequestProcessor();
-        Assertions.assertThrows(IllegalArgumentException.class, () -> {
-            loggerRequestProcessor.process(channel, command);
-        });
+        loggerRequestProcessor.process(channel, command);
     }
 
     @Test
@@ -98,9 +95,7 @@ public class LoggerRequestProcessorTest {
         command.setBody(JSONUtils.toJsonByteArray(logRequestCommand));
 
         LoggerRequestProcessor loggerRequestProcessor = new 
LoggerRequestProcessor();
-        Assertions.assertThrows(IllegalArgumentException.class, () -> {
-            loggerRequestProcessor.process(channel, command);
-        });
+        loggerRequestProcessor.process(channel, command);
     }
 
     @Test
@@ -115,8 +110,6 @@ public class LoggerRequestProcessorTest {
         command.setBody(JSONUtils.toJsonByteArray(logRequestCommand));
 
         LoggerRequestProcessor loggerRequestProcessor = new 
LoggerRequestProcessor();
-        Assertions.assertThrows(IllegalArgumentException.class, () -> {
-            loggerRequestProcessor.process(channel, command);
-        });
+        loggerRequestProcessor.process(channel, command);
     }
 }

Reply via email to