gianm commented on PR #12918: URL: https://github.com/apache/druid/pull/12918#issuecomment-1219801545
>new alerts: > > 3 for Uncontrolled data used in path expression > 1 for Useless null check The useless null check is fixed in https://github.com/apache/druid/pull/12918/commits/728ba30028094eaf91aaef90d76046c709b16938. The uncontrolled data in path expressions seems to be due to using task IDs in file paths. However, these are safe because task IDs are validated prior to submission (using `IdUtils.validateId` in TaskResourceFilter) to not contain path-unsafe characters. I added a couple of additional calls here: once in Task instance creation (as part of AbstractTask, which all builtin tasks extend) and another in TaskQueue.add (which would catch tasks that don't extend AbstractTask). I don't think this adds any safety in production setups, since we already had the TaskResourceFilter checking. But it may help in the static analysis. And it also fails-faster on bad IDs, which is nice. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
