This is an automated email from the ASF dual-hosted git repository.
nwang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-heron.git
The following commit(s) were added to refs/heads/master by this push:
new 9d77767 Use safe constructor in yaml deserialization
9d77767 is described below
commit 9d7776702750743f536300dd0a2fa7555ac16bf3
Author: Ning Wang <[email protected]>
AuthorDate: Sun Apr 5 17:21:31 2020 -0700
Use safe constructor in yaml deserialization
---
.../java/org/apache/heron/common/config/ConfigReader.java | 5 +++--
.../org/apache/heron/metricsmgr/MetricsSinksConfig.java | 3 ++-
.../org/apache/heron/apiserver/utils/ConfigUtils.java | 7 ++++---
.../apache/heron/apiserver/utils/ConfigUtilsTests.java | 15 ++++++++-------
4 files changed, 17 insertions(+), 13 deletions(-)
diff --git
a/heron/common/src/java/org/apache/heron/common/config/ConfigReader.java
b/heron/common/src/java/org/apache/heron/common/config/ConfigReader.java
index cb0a3ca..a17c72f 100644
--- a/heron/common/src/java/org/apache/heron/common/config/ConfigReader.java
+++ b/heron/common/src/java/org/apache/heron/common/config/ConfigReader.java
@@ -32,6 +32,7 @@ import java.util.logging.Level;
import java.util.logging.Logger;
import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
/**
* Loads config file in Yaml file format.
@@ -79,7 +80,7 @@ public final class ConfigReader {
try {
FileInputStream fin = new FileInputStream(new File(fileName));
try {
- Yaml yaml = new Yaml();
+ Yaml yaml = new Yaml(new SafeConstructor());
propsYaml = (Map<String, Object>) yaml.load(fin);
LOG.log(Level.FINE, "Successfully read config file {0}", fileName);
} finally {
@@ -104,7 +105,7 @@ public final class ConfigReader {
public static Map<String, Object> loadStream(InputStream inputStream) {
LOG.fine("Reading config stream");
- Yaml yaml = new Yaml();
+ Yaml yaml = new Yaml(new SafeConstructor());
Map<Object, Object> propsYaml = (Map<Object, Object>)
yaml.load(inputStream);
LOG.fine("Successfully read config");
diff --git
a/heron/metricsmgr/src/java/org/apache/heron/metricsmgr/MetricsSinksConfig.java
b/heron/metricsmgr/src/java/org/apache/heron/metricsmgr/MetricsSinksConfig.java
index ff989cd..f0655bb 100644
---
a/heron/metricsmgr/src/java/org/apache/heron/metricsmgr/MetricsSinksConfig.java
+++
b/heron/metricsmgr/src/java/org/apache/heron/metricsmgr/MetricsSinksConfig.java
@@ -29,6 +29,7 @@ import java.util.List;
import java.util.Map;
import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.apache.heron.common.basics.TypeUtils;
@@ -62,7 +63,7 @@ public class MetricsSinksConfig {
return Collections.emptyMap();
}
- Yaml yaml = new Yaml();
+ Yaml yaml = new Yaml(new SafeConstructor());
try (InputStream inputStream = new FileInputStream(configFile)) {
return (Map<Object, Object>) yaml.load(inputStream);
}
diff --git
a/heron/tools/apiserver/src/java/org/apache/heron/apiserver/utils/ConfigUtils.java
b/heron/tools/apiserver/src/java/org/apache/heron/apiserver/utils/ConfigUtils.java
index 8a8269b..e6aa022 100644
---
a/heron/tools/apiserver/src/java/org/apache/heron/apiserver/utils/ConfigUtils.java
+++
b/heron/tools/apiserver/src/java/org/apache/heron/apiserver/utils/ConfigUtils.java
@@ -30,6 +30,7 @@ import java.util.Properties;
import org.yaml.snakeyaml.DumperOptions;
import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.apache.heron.api.exception.InvalidTopologyException;
import org.apache.heron.api.generated.TopologyAPI;
@@ -110,7 +111,7 @@ public final class ConfigUtils {
try (Writer writer = Files.newBufferedWriter(tempOverridesPath)) {
overrideReader = Files.newBufferedReader(overridesPath);
final Map<String, Object> currentOverrides =
- (Map<String, Object>) new Yaml().load(overrideReader);
+ (Map<String, Object>) new Yaml(new
SafeConstructor()).load(overrideReader);
currentOverrides.putAll(overrides);
// write updated overrides
@@ -138,9 +139,9 @@ public final class ConfigUtils {
) {
stateManagerReader = Files.newBufferedReader(stateManagerPath);
- final Map<String, Object> overrides = (Map<String, Object>) new
Yaml().load(overrideReader);
+ final Map<String, Object> overrides = (Map<String, Object>) new Yaml(new
SafeConstructor()).load(overrideReader);
final Map<String, Object> stateMangerConfig =
- (Map<String, Object>) new Yaml().load(stateManagerReader);
+ (Map<String, Object>) new Yaml(new
SafeConstructor()).load(stateManagerReader);
// update the state manager config with the overrides
for (Map.Entry<String, Object> entry : overrides.entrySet()) {
// does this key have an override?
diff --git
a/heron/tools/apiserver/tests/java/org/apache/heron/apiserver/utils/ConfigUtilsTests.java
b/heron/tools/apiserver/tests/java/org/apache/heron/apiserver/utils/ConfigUtilsTests.java
index 7fd110c..2fbbc15 100644
---
a/heron/tools/apiserver/tests/java/org/apache/heron/apiserver/utils/ConfigUtilsTests.java
+++
b/heron/tools/apiserver/tests/java/org/apache/heron/apiserver/utils/ConfigUtilsTests.java
@@ -31,6 +31,7 @@ import java.util.Properties;
import org.junit.Test;
import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.apache.heron.common.basics.Pair;
@@ -49,7 +50,7 @@ public class ConfigUtilsTests {
final String overridesPath =
ConfigUtils.createOverrideConfiguration(overrideProperties);
try (Reader reader = Files.newBufferedReader(Paths.get(overridesPath))) {
final Map<String, Object> overrides =
- (Map<String, Object>) new Yaml().loadAs(reader, Map.class);
+ (Map<String, Object>) new Yaml(new SafeConstructor()).loadAs(reader,
Map.class);
assertEquals(overrides.size(), overrideProperties.size());
for (String key : overrides.keySet()) {
assertEquals(overrides.get(key), overrideProperties.getProperty(key));
@@ -73,7 +74,7 @@ public class ConfigUtilsTests {
try (Writer writer = Files.newBufferedWriter(stateManagerPath)) {
final Map<String, String> config = new HashMap<>();
config.put("heron.statemgr.connection.string", "<host>:<port>");
- new Yaml().dump(config, writer);
+ new Yaml(new SafeConstructor()).dump(config, writer);
}
// apply the overrides
@@ -81,7 +82,7 @@ public class ConfigUtilsTests {
try (Reader reader = Files.newBufferedReader(stateManagerPath)) {
final Map<String, Object> stateManagerWithOverrides =
- (Map<String, Object>) new Yaml().loadAs(reader, Map.class);
+ (Map<String, Object>) new Yaml(new SafeConstructor()).loadAs(reader,
Map.class);
assertEquals(stateManagerWithOverrides.size(), 1);
assertEquals(stateManagerWithOverrides.get("heron.statemgr.connection.string"),
"zookeeper:2181");
@@ -103,7 +104,7 @@ public class ConfigUtilsTests {
try (Writer writer = Files.newBufferedWriter(stateManagerPath)) {
final Map<String, String> config = new HashMap<>();
config.put("heron.statemgr.connection.string", "<host>:<port>");
- new Yaml().dump(config, writer);
+ new Yaml(new SafeConstructor()).dump(config, writer);
}
// apply the overrides
@@ -111,7 +112,7 @@ public class ConfigUtilsTests {
try (Reader reader = Files.newBufferedReader(stateManagerPath)) {
final Map<String, Object> stateManagerWithOverrides =
- (Map<String, Object>) new Yaml().loadAs(reader, Map.class);
+ (Map<String, Object>) new Yaml(new SafeConstructor()).loadAs(reader,
Map.class);
assertEquals(stateManagerWithOverrides.size(), 1);
assertEquals(stateManagerWithOverrides.get("heron.statemgr.connection.string"),
"<host>:<port>");
@@ -142,7 +143,7 @@ public class ConfigUtilsTests {
try (Reader reader = Files.newBufferedReader(Paths.get(overridesPath))) {
final Map<String, Object> newOverrides =
- (Map<String, Object>) new Yaml().loadAs(reader, Map.class);
+ (Map<String, Object>) new Yaml(new SafeConstructor()).loadAs(reader,
Map.class);
assertEquals(newOverrides, combinedOverrides);
}
}
@@ -166,7 +167,7 @@ public class ConfigUtilsTests {
try (Reader reader = Files.newBufferedReader(Paths.get(overridesPath))) {
final Map<String, Object> newOverrides =
- (Map<String, Object>) new Yaml().loadAs(reader, Map.class);
+ (Map<String, Object>) new Yaml(new SafeConstructor()).loadAs(reader,
Map.class);
assertEquals(newOverrides, overrides);
}
}
