[
https://issues.apache.org/jira/browse/HIVE-24097?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Naveen Gangam resolved HIVE-24097.
----------------------------------
Fix Version/s: 4.0.0
Resolution: Fixed
AtzContext should is not expected to be null for the events that are currently
handled. For any new event types, it could be null. We discussed throwing an
exception when this is null but instead of skipping authorization but as it is
not expected to be null normally, there is no risk of unauthorized access.
Fix has been committed to master. Thanks for the patch [~samuelan]
> correct NPE exception in HiveMetastoreAuthorizer
> ------------------------------------------------
>
> Key: HIVE-24097
> URL: https://issues.apache.org/jira/browse/HIVE-24097
> Project: Hive
> Issue Type: Bug
> Components: Hive
> Affects Versions: 4.0.0
> Reporter: Sam An
> Assignee: Sam An
> Priority: Minor
> Labels: pull-request-available
> Fix For: 4.0.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> In some testing, we found it's possible to have NPE if the preEventType does
> not fall within the several the HMS currently checks. This makes the
> AuthzContext a null pointer.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
