[
https://issues.apache.org/jira/browse/HDFS-16007?focusedWorklogId=593160&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-593160
]
ASF GitHub Bot logged work on HDFS-16007:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 07/May/21 06:34
Start Date: 07/May/21 06:34
Worklog Time Spent: 10m
Work Description: virajjasani commented on pull request #2982:
URL: https://github.com/apache/hadoop/pull/2982#issuecomment-834106326
> I prefer Validate#validIndex in commons-lang3 rather than Guava. We should
avoid guava as possible.
Sure, let me make this change right away.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 593160)
Time Spent: 0.5h (was: 20m)
> Vulnerabilities found when serializing enum value
> -------------------------------------------------
>
> Key: HDFS-16007
> URL: https://issues.apache.org/jira/browse/HDFS-16007
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: junwen yang
> Assignee: Viraj Jasani
> Priority: Major
> Labels: pull-request-available
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> ReplicaState enum is using ordinal to conduct serialization and
> deserialization, which is vulnerable to the order, to cause issues similar to
> HDFS-15624.
> To avoid it, either adding comments to let later developer not to change this
> enum, or add index checking in the read and getState function to avoid index
> out of bound error.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
