[
https://issues.apache.org/jira/browse/ACCUMULO-1987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13843281#comment-13843281
]
ASF subversion and git services commented on ACCUMULO-1987:
-----------------------------------------------------------
Commit 8f9258500e02e0be7965ebac3912d5dbd9e7c489 in branch
refs/heads/1.6.0-SNAPSHOT from [~mallen]
[ https://git-wip-us.apache.org/repos/asf?p=accumulo.git;h=8f92585 ]
ACCUMULO-1987 Fixes byte buffer copy bug
This patch fixes an issue where the byte buffer for an
authorization expression was being incorrectly handled on
evaluation.
> Incorrect handling of auth byte sequences in TabletServer
> ---------------------------------------------------------
>
> Key: ACCUMULO-1987
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1987
> Project: Accumulo
> Issue Type: Bug
> Affects Versions: 1.6.0
> Reporter: Michael Allen
> Attachments: Fixes-byte-buffer-copy-bug.patch
>
>
> In TabletServer.java: 667
> return security.userHasAuthorizations(credentials, Collections.<ByteBuffer>
> singletonList(ByteBuffer.wrap(****auth.getBackingArray()****)));
> (Emphasis mine obviously)
> That getBackingArray() will return the whole array even when the auth object
> has limits set upon it. That has the effect of passing labels to
> userHasAuthorization() that are incorrect. For instance, if your label
> expression has & and | in it, it will pass the entire string as the label
> string, as opposed to just one part of it in certain parts of the parsing.
> The fix is to also use the auth.offset() and auth.length() parameters when
> building the ByteBuffer. Patch coming.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
