Re: Review Request 48614: Added validation for UUID's to master/agent validation helpers.

Mon, 13 Jun 2016 00:41:36 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48614/#review137239
-----------------------------------------------------------



Nice first patch to Mesos!

I wonder whether it would be safer to include validation in `UUID::fromBytes()` 
instead -- e.g., to change `fromBytes()` to return `Try<UUID>` instead. This 
would require changing more places in Mesos, but my concern with requiring 
separate validation is that we construct UUIDs from potentially untrusted data 
in many places; requiring validation to be done separately seems error-prone. 
What do you think?


src/tests/scheduler_http_api_tests.cpp (line 974)
<https://reviews.apache.org/r/48614/#comment202399>

    Why are we fetching the stream ID?



src/tests/scheduler_http_api_tests.cpp (line 990)
<https://reviews.apache.org/r/48614/#comment202400>

    Would be a little more concise to do:
    
    ```
    frameworkId = event.get().get().subscribed().framework_id();
    EXPECT_NE("", frameworkId.value());
    ```


- Neil Conway


On June 13, 2016, 6:51 a.m., Deshna Jain wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/48614/
> -----------------------------------------------------------
> 
> (Updated June 13, 2016, 6:51 a.m.)
> 
> 
> Review request for mesos and Vinod Kone.
> 
> 
> Bugs: MESOS-5224
>     https://issues.apache.org/jira/browse/MESOS-5224
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This change adds logic to the master/agent validation helpers
> to see if the status update acknowledgments have a valid UUID
> set conforming to one of the supported versions.
> 
> 
> Diffs
> -----
> 
>   src/master/validation.cpp 309fbed81c9ff0ccc4ff4ee3ee70cf8f1fb2ac55 
>   src/slave/validation.cpp 189d10caf4517a1aff62b523d8eb99d9d1ca4b6a 
>   src/tests/scheduler_http_api_tests.cpp 
> c12205f90e4f2da2c6ad7a0ea75777601eb0ef13 
> 
> Diff: https://reviews.apache.org/r/48614/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Deshna Jain
> 
>

Reply via email to