Repository: incubator-livy Updated Branches: refs/heads/master 087adb642 -> dcd29a043
[MINOR] Fix some potential security leak issue
Fix two potential security leak issue based on the security code scan:
1. Add file name checking code in `RSCDriverBootstrapper`'s main method argument to avoid malicious file.
2. Avoid dumping exception stack to output.
CC yanboliang zjffdu please help to review.
Author: jerryshao <ss...@hortonworks.com>
Closes #22 from jerryshao/security-issue.
Project: http://git-wip-us.apache.org/repos/asf/incubator-livy/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-livy/commit/dcd29a04
Tree: http://git-wip-us.apache.org/repos/asf/incubator-livy/tree/dcd29a04
Diff: http://git-wip-us.apache.org/repos/asf/incubator-livy/diff/dcd29a04
Branch: refs/heads/master
Commit: dcd29a0435b3bb87a34ddb457a4709c3977469ef
Parents: 087adb6
Author: jerryshao <ss...@hortonworks.com>
Authored: Thu Jul 27 10:54:17 2017 +0800
Committer: jerryshao <ss...@hortonworks.com>
Committed: Thu Jul 27 10:54:17 2017 +0800
----------------------------------------------------------------------
rsc/src/main/java/org/apache/livy/rsc/RSCClient.java | 2 +-
.../org/apache/livy/rsc/driver/RSCDriverBootstrapper.java | 9 ++++++++-
.../livy/server/interactive/InteractiveSessionServlet.scala | 1 -
3 files changed, 9 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-livy/blob/dcd29a04/rsc/src/main/java/org/apache/livy/rsc/RSCClient.java
----------------------------------------------------------------------
diff --git a/rsc/src/main/java/org/apache/livy/rsc/RSCClient.java b/rsc/src/main/java/org/apache/livy/rsc/RSCClient.java
index 1b38467..3161187 100644
--- a/rsc/src/main/java/org/apache/livy/rsc/RSCClient.java
+++ b/rsc/src/main/java/org/apache/livy/rsc/RSCClient.java
@@ -331,7 +331,7 @@ public class RSCClient implements LivyClient {
 @Override
 public void onFailure(Throwable error) throws Exception {
- error.printStackTrace();
+ LOG.error("RPC error.", error);
 promise.tryFailure(error);
 }
 });
http://git-wip-us.apache.org/repos/asf/incubator-livy/blob/dcd29a04/rsc/src/main/java/org/apache/livy/rsc/driver/RSCDriverBootstrapper.java
----------------------------------------------------------------------
diff --git a/rsc/src/main/java/org/apache/livy/rsc/driver/RSCDriverBootstrapper.java b/rsc/src/main/java/org/apache/livy/rsc/driver/RSCDriverBootstrapper.java
index 09f0ea4..0b591a3 100644
--- a/rsc/src/main/java/org/apache/livy/rsc/driver/RSCDriverBootstrapper.java
+++ b/rsc/src/main/java/org/apache/livy/rsc/driver/RSCDriverBootstrapper.java
@@ -17,6 +17,7 @@ package org.apache.livy.rsc.driver;
+import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStreamReader;
 import java.io.Reader;
@@ -47,7 +48,13 @@ public final class RSCDriverBootstrapper {
 case 1:
 props = new Properties();
- Reader r = new InputStreamReader(new FileInputStream(args[0]), UTF_8);
+ File propertyFile = new File(args[0]);
+ String fileName = propertyFile.getName();
+ if (!fileName.startsWith("livyConf") && fileName.endsWith("properties")) {
+ throw new IllegalArgumentException("File name " + fileName + "is not a legal file name.");
+ }
+
+ Reader r = new InputStreamReader(new FileInputStream(propertyFile), UTF_8);
 try {
 props.load(r);
 } finally {
http://git-wip-us.apache.org/repos/asf/incubator-livy/blob/dcd29a04/server/src/main/scala/org/apache/livy/server/interactive/InteractiveSessionServlet.scala
----------------------------------------------------------------------
diff --git a/server/src/main/scala/org/apache/livy/server/interactive/InteractiveSessionServlet.scala b/server/src/main/scala/org/apache/livy/server/interactive/InteractiveSessionServlet.scala
index c07c829..900c826 100644
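Review bot: The new guard in the RSCDriverBootstrapper hunk (`@@ -47,7 +48,13 @@`) rejects the wrong set of names: `!fileName.startsWith("livyConf") && fileName.endsWith("properties")` only throws when the name lacks the prefix *and* carries the suffix, so a name with neither the prefix nor the suffix passes, which is the opposite of the allowlist the commit message describes; the intended condition is `if (!(fileName.startsWith("livyConf") && fileName.endsWith("properties"))) {`. The exception message on the next line is also missing a space before `is`: `"File name " + fileName + " is not a legal file name."`. Note that `File.getName()` yields only the base name, so the directory part of `args[0]` is not constrained by this check at all; if the goal is to confine the driver to a known configuration location, resolving the path against an expected base directory and comparing the normalized result is the check that actually enforces that. The enclosing `main` method starts and ends outside this hunk.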
--- a/server/src/main/scala/org/apache/livy/server/interactive/InteractiveSessionServlet.scala
+++ b/server/src/main/scala/org/apache/livy/server/interactive/InteractiveSessionServlet.scala
@@ -157,7 +157,6 @@ class InteractiveSessionServlet(
 Created(new JobStatus(jobId, JobHandle.State.SENT, null, null))
 } catch {
 case e: Throwable =>
- e.printStackTrace()
 throw e
 }
 }