[jira] [Updated] (RANGER-5115) Potential ConcurrentModificationException error during policy evaluation

Sat, 25 Jan 2025 17:20:09 -0800 


     [ 
https://issues.apache.org/jira/browse/RANGER-5115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-5115:
-------------------------------------
    Attachment: RANGER-5115.patch

> Potential ConcurrentModificationException error during policy evaluation
> ------------------------------------------------------------------------
>
>                 Key: RANGER-5115
>                 URL: https://issues.apache.org/jira/browse/RANGER-5115
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>    Affects Versions: 2.5.0
>            Reporter: Madhan Neethiraj
>            Assignee: Madhan Neethiraj
>            Priority: Major
>             Fix For: 3.0.0, 2.6.0
>
>         Attachments: RANGER-5115.patch
>
>
> Initialization of
> RangerAbstractPolicyItemEvaluator.withImpliedGrants should be synchronized to 
> avoid ConcurrentModificationException while evaluating policies, as shown in 
> the following stack trace:
>  
> {noformat}
> java.util.ConcurrentModificationException
>       at 
> java.base/java.util.ArrayList$Itr.checkForComodification(ArrayList.java:1042)
>       at java.base/java.util.ArrayList$Itr.next(ArrayList.java:996)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getAccess(RangerDefaultPolicyEvaluator.java:1213)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerAbstractPolicyItemEvaluator.computeWithImpliedGrants(RangerAbstractPolicyItemEvaluator.java:138)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyItemEvaluator.isMatch(RangerDefaultPolicyItemEvaluator.java:96)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1413)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItemForAccessPolicyForSpecificAccess(RangerDefaultPolicyEvaluator.java:1392)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.getMatchingPolicyItem(RangerDefaultPolicyEvaluator.java:1370)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluatePolicyItems(RangerDefaultPolicyEvaluator.java:860)
>       at 
> org.apache.ranger.plugin.policyevaluator.RangerDefaultPolicyEvaluator.evaluate(RangerDefaultPolicyEvaluator.java:256)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesForOneAccessTypeNoAudit(RangerPolicyEngineImpl.java:778)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePoliciesNoAudit(RangerPolicyEngineImpl.java:704)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.zoneAwareAccessEvaluationWithNoAudit(RangerPolicyEngineImpl.java:628)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.evaluatePolicies(RangerPolicyEngineImpl.java:136)
>       at 
> org.apache.ranger.plugin.service.RangerBasePlugin.isAccessAllowed(RangerBasePlugin.java:513)
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to