naruto-lgtm opened a new pull request, #8557:
URL: https://github.com/apache/hadoop/pull/8557
### Description of PR
`LeveldbConfigurationStore.deserLogMutations` reads the scheduler
configuration mutation log back from the LevelDB store with a raw
`ObjectInputStream.readObject()`. Anyone who can write the store directory
(`yarn.scheduler.configuration.leveldb-store.path`) can replace the serialized
`LinkedList<LogMutation>` with a gadget payload, and the RM will instantiate
arbitrary Serializable classes off the classpath on the next load/recovery.
The sibling `ZKConfigurationStore` already decodes the same
`LinkedList<LogMutation>` through commons-io `ValidatingObjectInputStream` with
an explicit class allowlist; the LevelDB store was left on the unrestricted
path. This change applies the same allowlist (`LinkedList`, `LogMutation`,
`HashMap`, `String`) inside the decode helper so the restriction lives next to
the read rather than relying on the store being trusted.
### How was this patch tested?
Round-tripped a real `LinkedList<LogMutation>` (a `HashMap` of updates plus
a user string) through the patched helper - it deserializes unchanged. A
serialized object of a class outside the allowlist is now rejected with
`InvalidClassException ("Class name not accepted")` instead of being
constructed. Built `hadoop-yarn-server-resourcemanager` with the change.
### For code changes:
- [ ] Does the title or this PR starts with the corresponding JIRA issue id
(e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the
endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`,
`NOTICE-binary` files?
### AI Tooling
If an AI tool was used:
- [ ] The PR includes the phrase "Contains content generated by <tool>"
where <tool> is the name of the AI tool used.
- [ ] My use of AI contributions follows the ASF legal policy
https://www.apache.org/legal/generative-tooling.html
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]