kabhishek4 commented on code in PR #2280:
URL: https://github.com/apache/zookeeper/pull/2280#discussion_r2269920709

##########
zookeeper-server/src/main/java/org/apache/zookeeper/server/auth/IPAuthenticationProvider.java:
##########
@@ -93,6 +234,7 @@ private void mask(byte[] b, int bits) { } public boolean matches(String id, String aclExpr) {

Review Comment:

> What happens if `id` is ipv6 while `aclExpr` is ipv4?

id V6 aclExpr v4

In this case, due to the condition in the byte[] addr2Bytes(String addr):

String id will be parsed by v6addr2Bytes. A 16-byte address will be returned.
String aclExpr will be parsed by v4addr2Bytes. A 4-byte address will be returned.

The comparison of the parsed id and aclExpr will result in an out-of-bounds exception:

aclAddr.length = 4
remoteAddr.length = 16

As a result, MARSHALLINGERROR will be returned instead of NoAuthException. Intermittently, ConnectionLossException or SessionExpiredException will be returned too.

Added a change to return null if the byte lengths of the addresses being compared are mismatched. This will return NoAuthException.

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org
For queries about this service, please contact Infrastructure at: us...@infra.apache.org
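The length mismatch described in the review comment above, as an added example that is not part of the original message or of the ZooKeeper code base. The class name, `parse`, and the `guard` flag are hypothetical, the inputs are constructed, and the comparison loop is a sketch of a mask-then-compare check over the remote address length. The comment describes the fix as returning null on a mismatch; this sketch returns `false` from the comparison instead.

```java
import java.net.InetAddress;

public class IpAclLengthGuard {
    // Assumption: InetAddress stands in for the provider's own parsers. For an IP
    // literal it does no DNS lookup and yields 4 bytes (IPv4) or 16 bytes (IPv6).
    static byte[] parse(String literal) throws Exception {
        return InetAddress.getByName(literal).getAddress();
    }

    // Keep the first `bits` bits of the address and zero the rest.
    static void mask(byte[] b, int bits) {
        for (int i = 0; i < b.length; i++) {
            int keep = Math.max(0, Math.min(8, bits - i * 8));
            b[i] &= (byte) (0xFF << (8 - keep));
        }
    }

    // guard == false: unchecked comparison; guard == true: reject mixed address families.
    static boolean matches(String id, String aclExpr, boolean guard) throws Exception {
        String[] parts = aclExpr.split("/", 2);
        byte[] acl = parse(parts[0]);
        byte[] remote = parse(id);
        if (guard && acl.length != remote.length) {
            return false; // a 4-byte ACL can never describe a 16-byte client address
        }
        int bits = parts.length == 2 ? Integer.parseInt(parts[1]) : acl.length * 8;
        if (bits < 0 || bits > acl.length * 8) {
            return false;
        }
        mask(acl, bits);
        mask(remote, bits);
        for (int i = 0; i < remote.length; i++) {
            if (remote[i] != acl[i]) { // acl[i] is out of range once i reaches acl.length
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        String id = "2001:db8::1"; // constructed sample: IPv6 client id
        String acl = "0.0.0.0/0";  // constructed sample: IPv4 ACL expression
        try {
            matches(id, acl, false);
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("unguarded: " + e);
        }
        System.out.println("guarded: " + matches(id, acl, true));
        System.out.println("same family: " + matches("10.1.2.3", "10.1.0.0/16", true));
    }
}
```

With the guard in place, a mixed-family comparison becomes an ordinary "no match" result, so the caller can report an authorization failure rather than surfacing a runtime exception.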