> On April 6, 2017, 11:18 p.m., Jie Yu wrote: > > src/linux/ldcache.cpp > > Line 120 (original), 120 (patched) > > <https://reviews.apache.org/r/58242/diff/1/?file=1686218#file1686218line120> > > > > Why this change? Seems irrelevant?
I fat-fingered a rebase :-/ - James ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58242/#review171265 ----------------------------------------------------------- On April 6, 2017, 11:21 p.m., James Peach wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58242/ > ----------------------------------------------------------- > > (Updated April 6, 2017, 11:21 p.m.) > > > Review request for mesos and Mesos Reviewbot. > > > Bugs: MESOS-7363 > https://issues.apache.org/jira/browse/MESOS-7363 > > > Repository: mesos > > > Description > ------- > > It is possible for a malicious client to send > libprocess SUBSCRIBE requests that will trigger the > !frameworks.principals.contains(...) CHECK. This can happen > if the client sends a subscribe with a framework ID, then a > second subscribe with a different framework ID but the same > UPID. The invariant in the master is that a UPID uniquely > identifies a given framework. This is violated if we allow > multiple frameworks with the same UPID. > > > Diffs > ----- > > src/master/master.cpp e547d2c410471f42bfeaae40a8b57ca30033e54f > > > Diff: https://reviews.apache.org/r/58242/diff/2/ > > > Testing > ------- > > make checl (Fedora 25). Internal fuzzer run. > > > Thanks, > > James Peach > >
