EdColeman commented on code in PR #3927:
URL: https://github.com/apache/accumulo/pull/3927#discussion_r1387277737
##########
core/src/main/java/org/apache/accumulo/core/conf/PropertyType.java:
##########
@@ -186,6 +195,39 @@ public boolean isValidFormat(String value) {
return predicate.test(value);
}
+ /**
+ * Validate that the provided string can be parsed into a json object. This
implementation uses
+ * jackson databind because it is less permissive that GSON for what is
considered valid. This
+ * implementation cannot guarantee that the json is valid for the target
usage. That would require
+ * something like a json schema or a check specific to the use-case. This is
only trying to
+ * provide a generic, minimal check that at least the json is valid.
+ */
+ private static class ValidJson implements Predicate<String> {
+ private static final Logger log = LoggerFactory.getLogger(ValidJson.class);
+
+ // set a limit of 1 million characters on the string as rough sanity check
+ private static final int ONE_MILLION = 1024 * 1024;
+
+ @Override
+ public boolean test(String value) {
+ try {
+ if (value.length() > ONE_MILLION) {
+ log.info("provided json string length {} is greater than limit of {}
for parsing",
+ value.length(), ONE_MILLION);
+ return false;
+ }
+ ObjectMapper mapper =
+ new
ObjectMapper().enable(DeserializationFeature.FAIL_ON_READING_DUP_TREE_KEY)
+ .enable(DeserializationFeature.FAIL_ON_TRAILING_TOKENS);
Review Comment:
Made static in 7fa8acabb7. Also, left documentation that we could consider
using ThreadLocal. The ObjectMapper is thread safe, but apparently uses
synchronization, so if we see contention then there are alternatives.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
