Michael Allen created ACCUMULO-1987:
---------------------------------------

             Summary: Incorrect handling of auth byte sequences in TabletServer
                 Key: ACCUMULO-1987
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1987
             Project: Accumulo
          Issue Type: Bug
    Affects Versions: 1.6.0
            Reporter: Michael Allen


In TabletServer.java: 667

return security.userHasAuthorizations(credentials, Collections.<ByteBuffer> 
singletonList(ByteBuffer.wrap(****auth.getBackingArray()****)));

(Emphasis mine obviously)

That getBackingArray() will return the whole array even when the auth object 
has limits set upon it.  That has the effect of passing labels to 
userHasAuthorizations() that are incorrect.  For instance, if your label 
expression has & and | in it, it will pass the entire string as the label 
string, as opposed to just one part of it in certain parts of the parsing.

The fix is to also use the auth.offset() and auth.length() parameters when 
building the ByteBuffer.  Patch coming.



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
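
The difference between the two wrapping calls discussed in the report, shown as an added example (not code from the Accumulo project or from the reporter). The Slice record is a hypothetical stand-in that models only the three accessors named above, and the label expression and user authorizations are constructed sample values.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Set;

public class AuthSliceDemo {
    // Hypothetical stand-in for a byte sequence that views part of a larger array;
    // only the three accessors named in the report are modelled.
    record Slice(byte[] backing, int offset, int length) {
        byte[] getBackingArray() { return backing; }
    }

    // Behaviour described in the report: offset and length are ignored,
    // so the buffer covers the whole backing array.
    static ByteBuffer wrapWhole(Slice auth) {
        return ByteBuffer.wrap(auth.getBackingArray());
    }

    // Fix described in the report: wrap only the bytes that belong to the slice.
    static ByteBuffer wrapSlice(Slice auth) {
        return ByteBuffer.wrap(auth.getBackingArray(), auth.offset(), auth.length());
    }

    // Decode the remaining bytes without disturbing the buffer's position.
    static String text(ByteBuffer b) {
        return StandardCharsets.UTF_8.decode(b.duplicate()).toString();
    }

    public static void main(String[] args) {
        // Constructed sample: a label expression and the single term "B" inside it.
        byte[] expr = "A&B|C".getBytes(StandardCharsets.UTF_8);
        Slice termB = new Slice(expr, 2, 1);

        // Constructed sample: the authorizations the user actually holds.
        // ByteBuffer.equals/hashCode compare the remaining bytes, so set lookup works.
        Set<ByteBuffer> userAuths = Set.of(
            ByteBuffer.wrap("A".getBytes(StandardCharsets.UTF_8)),
            ByteBuffer.wrap("B".getBytes(StandardCharsets.UTF_8)));

        ByteBuffer whole = wrapWhole(termB);
        ByteBuffer slice = wrapSlice(termB);

        System.out.println("whole-array wrap checks '" + text(whole)
            + "', held=" + userAuths.contains(whole));
        System.out.println("offset/length wrap checks '" + text(slice)
            + "', held=" + userAuths.contains(slice));
    }
}
```

Even with the offset/length form, ByteBuffer.array() still returns the entire backing array, so any consumer of the buffer has to honour position() and remaining() rather than reading array() directly.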
