Repository: hadoop Updated Branches: refs/heads/branch-2.7 a91a1031e -> b5f25a1a5
YARN-4017. container-executor overuses PATH_MAX. Contributed by Sidharta Seethana (cherry picked from commit 5b6bae00942c495e4be6ea2b8eb0676a48468dc6) (cherry picked from commit 34b8142802eb4af99b3bb7586bc2f8a47f6d73c7) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/b5f25a1a Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/b5f25a1a Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/b5f25a1a Branch: refs/heads/branch-2.7 Commit: b5f25a1a560f8b1713259a8f07e6f6b40ece902e Parents: a91a103 Author: Varun Vasudev <[email protected]> Authored: Tue Oct 13 12:48:30 2015 +0530 Committer: Akira Ajisaka <[email protected]> Committed: Thu Jun 8 14:53:59 2017 +0900 ---------------------------------------------------------------------- hadoop-yarn-project/CHANGES.txt | 3 +++ .../native/container-executor/impl/configuration.c | 4 ++-- .../native/container-executor/impl/configuration.h | 4 ++++ .../container-executor/impl/container-executor.c | 16 ++++++++-------- 4 files changed, 17 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/b5f25a1a/hadoop-yarn-project/CHANGES.txt ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/CHANGES.txt b/hadoop-yarn-project/CHANGES.txt index a983f20..57e1228 100644 --- a/hadoop-yarn-project/CHANGES.txt +++ b/hadoop-yarn-project/CHANGES.txt @@ -115,6 +115,9 @@ Release 2.7.4 - UNRELEASED YARN-1471. The SLS simulator is not running the preemption policy for CapacityScheduler (Carlo Curino via cdouglas) Backport by Ye Zhou. + YARN-4017. container-executor overuses PATH_MAX. + (Sidharta Seethana via vvasudev) + Release 2.7.3 - 2016-08-25 INCOMPATIBLE CHANGES http://git-wip-us.apache.org/repos/asf/hadoop/blob/b5f25a1a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c index 15b53ae..9199f1f 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c @@ -94,12 +94,12 @@ static int is_only_root_writable(const char *file) { */ char *resolve_config_path(const char* file_name, const char *root) { const char *real_fname = NULL; - char buffer[PATH_MAX*2 + 1]; + char buffer[EXECUTOR_PATH_MAX*2 + 1]; if (file_name[0] == '/') { real_fname = file_name; } else if (realpath(root, buffer) != NULL) { - strncpy(strrchr(buffer, '/') + 1, file_name, PATH_MAX); + strncpy(strrchr(buffer, '/') + 1, file_name, EXECUTOR_PATH_MAX); real_fname = buffer; } http://git-wip-us.apache.org/repos/asf/hadoop/blob/b5f25a1a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h index 133e67b..892af3a 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h @@ -18,6 +18,10 @@ #include <stddef.h> +/** Define a platform-independent constant instead of using PATH_MAX */ + +#define EXECUTOR_PATH_MAX 4096 + /** * Ensure that the configuration file and all of the containing directories * are only writable by root. Otherwise, an attacker can change the http://git-wip-us.apache.org/repos/asf/hadoop/blob/b5f25a1a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c ---------------------------------------------------------------------- diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c index a86906b..756618f 100644 --- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c +++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c @@ -61,17 +61,17 @@ void set_nm_uid(uid_t user, gid_t group) { * get the executable filename. */ char* get_executable() { - char buffer[PATH_MAX]; - snprintf(buffer, PATH_MAX, "/proc/%u/exe", getpid()); - char *filename = malloc(PATH_MAX); - ssize_t len = readlink(buffer, filename, PATH_MAX); + char buffer[EXECUTOR_PATH_MAX]; + snprintf(buffer, EXECUTOR_PATH_MAX, "/proc/%u/exe", getpid()); + char *filename = malloc(EXECUTOR_PATH_MAX); + ssize_t len = readlink(buffer, filename, EXECUTOR_PATH_MAX); if (len == -1) { fprintf(ERRORFILE, "Can't get executable name from %s - %s\n", buffer, strerror(errno)); exit(-1); - } else if (len >= PATH_MAX) { + } else if (len >= EXECUTOR_PATH_MAX) { fprintf(ERRORFILE, "Executable name %.*s is longer than %d characters.\n", - PATH_MAX, filename, PATH_MAX); + EXECUTOR_PATH_MAX, filename, EXECUTOR_PATH_MAX); exit(-1); } filename[len] = '\0'; @@ -1429,7 +1429,7 @@ int mount_cgroup(const char *pair, const char *hierarchy) { #else char *controller = malloc(strlen(pair)); char *mount_path = malloc(strlen(pair)); - char hier_path[PATH_MAX]; + char hier_path[EXECUTOR_PATH_MAX]; int result = 0; if (get_kv_key(pair, controller, strlen(pair)) < 0 || @@ -1441,7 +1441,7 @@ int mount_cgroup(const char *pair, const char *hierarchy) { if (mount("none", mount_path, "cgroup", 0, controller) == 0) { char *buf = stpncpy(hier_path, mount_path, strlen(mount_path)); *buf++ = '/'; - snprintf(buf, PATH_MAX - (buf - hier_path), "%s", hierarchy); + snprintf(buf, EXECUTOR_PATH_MAX - (buf - hier_path), "%s", hierarchy); // create hierarchy as 0750 and chown to Hadoop NM user const mode_t perms = S_IRWXU | S_IRGRP | S_IXGRP; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
