(orc) branch branch-2.1 updated: ORC-1943: Add `com.google.protobuf.use_unsafe_pre22_gencode` to Surefire testing

Mon, 30 Jun 2025 15:54:23 -0700 

This is an automated email from the ASF dual-hosted git repository.

dongjoon pushed a commit to branch branch-2.1
in repository https://gitbox.apache.org/repos/asf/orc.git


The following commit(s) were added to refs/heads/branch-2.1 by this push:
     new 28e001b61 ORC-1943: Add `com.google.protobuf.use_unsafe_pre22_gencode` 
to Surefire testing
28e001b61 is described below

commit 28e001b6187844283653a88fdad0306bb9a96a2c
Author: Dongjoon Hyun <dongj...@apache.org>
AuthorDate: Mon Jun 30 15:54:07 2025 -0700

    ORC-1943: Add `com.google.protobuf.use_unsafe_pre22_gencode` to Surefire 
testing
    
    ### What changes were proposed in this pull request?
    
    This PR aims to add `com.google.protobuf.use_unsafe_pre22_gencode` to 
Surefire testing.
    
    ### Why are the changes needed?
    
    To suppress the following warnings during testing which occurs since 
ORC-1934
    - #2246
    
    ```
    [INFO] Running org.apache.orc.impl.TestZlib
    Jun 30, 2025 2:50:15 PM com.google.protobuf.GeneratedMessage 
warnPre22Gencode
    WARNING: Vulnerable protobuf generated type in use: 
org.apache.orc.OrcProto$PostScript
    As of 2022/09/29 (release 21.7) makeExtensionsImmutable should not be 
called from protobuf gencode. If you are seeing this message, your gencode is 
vulnerable to a denial of service attack. You should regenerate your code using 
protobuf 25.6 or later. Use the latest version that meets your needs. However, 
if you understand the risks and wish to continue with vulnerable gencode, you 
can set the system property `-Dcom.google.protobuf.use_unsafe_pre22_gencode` on 
the command line to sile [...]
    ```
    
    ### How was this patch tested?
    
    Manual tests because this is a warning log message.
    
    ### Was this patch authored or co-authored using generative AI tooling?
    
    No.
    
    Closes #2305 from dongjoon-hyun/ORC-1943.
    
    Authored-by: Dongjoon Hyun <dongj...@apache.org>
    Signed-off-by: Dongjoon Hyun <dongj...@apache.org>
    (cherry picked from commit 88aaab5be8f556af8ce10e5bc75ac2723ca29c33)
    Signed-off-by: Dongjoon Hyun <dongj...@apache.org>
---
 java/pom.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/java/pom.xml b/java/pom.xml
index 97bf86a89..8309f8320 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -722,6 +722,7 @@
             <test.tmp.dir>${test.tmp.dir}</test.tmp.dir>
             <example.dir>${example.dir}</example.dir>
             
<org.slf4j.simpleLogger.log.org.apache.hadoop>error</org.slf4j.simpleLogger.log.org.apache.hadoop>
+            
<com.google.protobuf.use_unsafe_pre22_gencode></com.google.protobuf.use_unsafe_pre22_gencode>
           </systemPropertyVariables>
         </configuration>
       </plugin>

Reply via email to