[ https://issues.apache.org/jira/browse/ATLAS-3853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mayank Jain updated ATLAS-3853:
-------------------------------
    Description: 
 

The issue:

The enumValue which we assigned, "><svg onload=\"alert('table');\"display=none>", has double quotes in it. JanusGraph's class SystemTypeManager.java has RESERVED_CHARS = new char[]{'{', '}', '"', '\u001e'}; in it.


How to reproduce it? Steps to reproduce:

Step 1: Create an enum, e.g. enumXSS.
Step 2: Create a classification with some attribute of type enumXSS.
Step 3: Assign a value for this attribute with "><svg onload=\"alert('table');\"display=none>"

Now this will result in an error with 500 saying "Something went wrong".

Approach for resolving this:

As JanusGraph has this check for special characters and our enumValue has double quotes in it, it throws an IllegalArgumentException.

Now at the Atlas end we are not handling the unexpected exception, so we just have to catch the exception and throw it with a proper error code and error message, which helps the user to understand the issue properly. For that I have provided the patch on RR.

 

 Stack-trace:-
{noformat}
2020-06-19 17:05:32,390 ERROR - [pool-2-thread-7 - 37492d4b-63b4-4189-89c3-329b0566ae74:] ~ graph rollback due to exception  (GraphTransactionInterceptor:167)
java.lang.IllegalArgumentException: Name contains reserved character ": __type.edge.classitest."><svg onload="alert('table');" display=none>
        at com.google.common.base.Preconditions.checkArgument(Preconditions.java:163)
        at org.janusgraph.graphdb.types.system.SystemTypeManager.throwIfSystemName(SystemTypeManager.java:74)
        at org.janusgraph.graphdb.types.StandardRelationTypeMaker.name(StandardRelationTypeMaker.java:181)
        at org.janusgraph.graphdb.types.StandardRelationTypeMaker.<init>(StandardRelationTypeMaker.java:53)
        at org.janusgraph.graphdb.types.StandardEdgeLabelMaker.<init>(StandardEdgeLabelMaker.java:41)
        at org.janusgraph.graphdb.transaction.StandardJanusGraphTx.makeEdgeLabel(StandardJanusGraphTx.java:1052)
        at org.janusgraph.graphdb.transaction.StandardJanusGraphTx.getOrCreateEdgeLabel(StandardJanusGraphTx.java:1038)
        at org.janusgraph.graphdb.vertices.AbstractVertex.addEdge(AbstractVertex.java:167)
        at org.janusgraph.graphdb.vertices.AbstractVertex.addEdge(AbstractVertex.java:37)
        at org.apache.atlas.repository.graphdb.janus.AtlasJanusGraph.addEdge(AtlasJanusGraph.java:147)
        at org.apache.atlas.repository.store.graph.v2.AtlasTypeDefGraphStoreV2.addEdge(AtlasTypeDefGraphStoreV2.java:395)
        at org.apache.atlas.repository.store.graph.v2.AtlasTypeDefGraphStoreV2.getOrCreateEdge(AtlasTypeDefGraphStoreV2.java:387)
        at org.apache.atlas.repository.store.graph.v2.AtlasStructDefStoreV2.addReferencesForAttribute(AtlasStructDefStoreV2.java:523)
        at org.apache.atlas.repository.store.graph.v2.AtlasStructDefStoreV2.updateVertexAddReferences(AtlasStructDefStoreV2.java:471)
        at org.apache.atlas.repository.store.graph.v2.AtlasClassificationDefStoreV2.updateVertexAddReferences(AtlasClassificationDefStoreV2.java:338)
        at org.apache.atlas.repository.store.graph.v2.AtlasClassificationDefStoreV2.updateByGuid(AtlasClassificationDefStoreV2.java:254)
        at org.apache.atlas.repository.store.graph.v2.AtlasClassificationDefStoreV2.update(AtlasClassificationDefStoreV2.java:183)
        at org.apache.atlas.repository.store.graph.v2.AtlasClassificationDefStoreV2.update(AtlasClassificationDefStoreV2.java:48)
        at org.apache.atlas.repository.store.graph.AtlasTypeDefGraphStore.updateGraphStore(AtlasTypeDefGraphStore.java:1029)
        at org.apache.atlas.repository.store.graph.AtlasTypeDefGraphStore.updateTypesDef(AtlasTypeDefGraphStore.java:481)
{noformat}
 

  was:
I had created an enum with some value in it, and a classification ClassificationTest1. Now, while I was adding an attribute to my ClassificationTest1, the value I assigned the enumValue was

"><svg onload="alert('table');"display=none>

and instead of throwing some kind of error message the application threw "Something went wrong" with a 500 error code.

The end user in such a scenario won't be able to identify what exactly went wrong.

 


> Error while creating enum Attribute with special characters.
> ------------------------------------------------------------
>
>                 Key: ATLAS-3853
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3853
>             Project: Atlas
>          Issue Type: Bug
>            Reporter: Mayank Jain
>            Assignee: Mayank Jain
>            Priority: Major
>         Attachments: errorStackTrace.txt



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
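
The approach described in the report (catch the graph layer's unchecked exception and return a proper error code and message instead of a 500), sketched as an added example that is not the patch on RR or Atlas code. `ReservedCharGuard`, `BadRequestException`, `makeEdgeLabel` and `addAttributeReference` are hypothetical names, and `makeEdgeLabel` is only a stand-in for the JanusGraph check seen in the stack trace.

```java
public class ReservedCharGuard {
    // Reserved characters as quoted in the report from JanusGraph's SystemTypeManager.
    static final char[] RESERVED_CHARS = {'{', '}', '"', '\u001e'};

    // Hypothetical client-facing error: carries an HTTP status instead of surfacing as a 500.
    static class BadRequestException extends Exception {
        final int status = 400;
        BadRequestException(String message, Throwable cause) { super(message, cause); }
    }

    // Index of the first reserved character in name, or -1 if there is none.
    static int firstReserved(String name) {
        for (int i = 0; i < name.length(); i++) {
            for (char r : RESERVED_CHARS) {
                if (name.charAt(i) == r) return i;
            }
        }
        return -1;
    }

    // Stand-in for the graph layer: rejects reserved characters with an unchecked exception.
    static void makeEdgeLabel(String name) {
        if (firstReserved(name) >= 0) {
            throw new IllegalArgumentException("Name contains reserved character: " + name);
        }
    }

    // Store-layer wrapper: translate the unchecked exception into a 400 with a usable message.
    static void addAttributeReference(String typeName, String value) throws BadRequestException {
        try {
            makeEdgeLabel("__type.edge." + typeName + "." + value); // name shape as in the stack trace
        } catch (IllegalArgumentException e) {
            int i = firstReserved(value);
            // Name the character by code point; do not echo the raw value into the response.
            String what = i >= 0 ? String.format("U+%04X at index %d", (int) value.charAt(i), i) : "unknown";
            throw new BadRequestException("Attribute value contains a reserved character (" + what + ")", e);
        }
    }

    public static void main(String[] args) {
        String[] samples = {"ACTIVE", "bad\"value"}; // constructed sample inputs
        for (String s : samples) {
            try {
                addAttributeReference("classitest", s);
                System.out.println("accepted");
            } catch (BadRequestException e) {
                System.out.println(e.status + " " + e.getMessage());
            }
        }
    }
}
```

Reporting the offending character by code point keeps markup from the rejected value out of the error response, which matters when the UI renders that message.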
