[GitHub] drill issue #930: DRILL-5761: Disable Lilith ClassicMultiplexSocketAppender ...

2017-09-04 Thread jinfengni 
Github user jinfengni commented on the issue:

https://github.com/apache/drill/pull/930
  
The proposal from @vrozov makes sense to me. As long as Lilith is not 
completely disabled, I'm fine with it. 

 


---

[GitHub] drill issue #909: DRILL-4264: Allow field names to include dots

2017-09-04 Thread amansinha100 
Github user amansinha100 commented on the issue:

https://github.com/apache/drill/pull/909
  
Merged in d105950a7a9fb2ff3acd072ee65a51ef1fca120e.  @vvysotskyi pls close 
the PR (for some reason github is not showing me the option to close). 


---

[GitHub] drill issue #909: DRILL-4264: Allow field names to include dots

2017-09-04 Thread amansinha100 
Github user amansinha100 commented on the issue:

https://github.com/apache/drill/pull/909
  
Thanks @vvysotskyi for the PR and @paul-rogers for reviewing the proposal 
and code.  


---

[HANGOUT] Topics for 9/5/2017

2017-09-04 Thread Boaz Ben-Zvi 

   We shall have a Drill hangout tomorrow (Tuesday Sept 5) at 10 AM Pacific.

Please suggest any topics by replying to this thread or bring them up during 
the hangout.


Hangout link:
   https://plus.google.com/hangouts/_/event/ci4rdiju8bv04a64efj5fedd0lc

  Thanks,

 Boaz

[GitHub] drill pull request #931: DRILL-5763: Fix NPE during MapRDBSubScan deserializ...

2017-09-04 Thread asfgit 
Github user asfgit closed the pull request at:

https://github.com/apache/drill/pull/931


---

[GitHub] drill pull request #901: DRILL-5709: Provide a value vector method to conver...

2017-09-04 Thread asfgit 
Github user asfgit closed the pull request at:

https://github.com/apache/drill/pull/901


---

[GitHub] drill issue #901: DRILL-5709: Provide a value vector method to convert a vec...

2017-09-04 Thread amansinha100 
Github user amansinha100 commented on the issue:

https://github.com/apache/drill/pull/901
  
+1 


---

[GitHub] drill pull request #931: DRILL-5763: Fix NPE during MapRDBSubScan deserializ...

2017-09-04 Thread amansinha100 
Github user amansinha100 commented on a diff in the pull request:

https://github.com/apache/drill/pull/931#discussion_r136856876
  
--- Diff: 
contrib/format-maprdb/src/main/java/org/apache/drill/exec/store/mapr/db/MapRDBSubScan.java
 ---
@@ -71,14 +71,32 @@ public MapRDBSubScan(String userName, 
MapRDBFormatPlugin formatPlugin,
 this.tableType = tableType;
   }
 
+
+  @JsonProperty("formatPluginConfig")
--- End diff --

Ok, yes since the fields are primitive types, they are not adding a 
dependency on other classes.  
Separately, we need to increase test coverage for these types of 
serialization/deserialization issues for the most commonly used storage and 
format plugins but that's a different discussion. 
I am good with this.  +1


---

[GitHub] drill pull request #930: DRILL-5761: Disable Lilith ClassicMultiplexSocketAp...

2017-09-04 Thread vrozov 
Github user vrozov commented on a diff in the pull request:

https://github.com/apache/drill/pull/930#discussion_r136835528
  
--- Diff: common/src/test/resources/logback.xml ---
@@ -16,17 +16,22 @@
 1
 true
 ${LILITH_HOSTNAME:-localhost}
+

[GitHub] drill issue #916: DRILL-5377: Five-digit year dates are displayed incorrectl...

2017-09-04 Thread vdiravka 
Github user vdiravka commented on the issue:

https://github.com/apache/drill/pull/916
  
I've Added TODO with reference to [SQLLine dateFormat, timeFormat, 
timestampFormat](https://github.com/julianhyde/sqlline/issues/66) issue. The 
branch is rebased to master version
@paul-rogers Please take take a look at this minor updates.


---

[GitHub] drill issue #930: DRILL-5761: Disable Lilith ClassicMultiplexSocketAppender ...

2017-09-04 Thread vvysotskyi 
Github user vvysotskyi commented on the issue:

https://github.com/apache/drill/pull/930
  
I have implemented the proposal of @vrozov to conditionally enable Lilith 
appender. I have used `ThresholdFilter` in Lilith appender, so it was not 
needed to change all places where it is used.
An example of how to enable Lilith was added to the Jira description.
@jinfengni, @vrozov could you please take a look?


---

Re: Disable Lilith SOCKET connection by default.

2017-09-04 Thread Vova Vysotskyi 
Vlad Rozov, thanks for the idea to conditionally enable Lilith appender.

I agree with you that the order of logback.xml files is undefined. I
suppose that these files are used for debugging separate tests when
logback config file is set manually (-Dlogback.configurationFile).

2017-09-01 22:49 GMT+00:00 Vlad Rozov :

> I'd suggest to conditionally enable lilith appender in logback.xml based
> on a property (for example drill.lilith.level). By default it can be set to
> OFF and lilith appender not being added to loggers specified in the
> logback.xml. An individual unit test can be executed with
> -Ddrill.lilith.level=DEBUG, in which case, the appender will be in effect
> if necessary.
>
> I have a related question - there are several logback.xml in the
> drill/exec/java-exec: ./test/sh/logback.xml, ./test/resources/logback.xml
> and ./main/resources/logback.xml. on top of that, java-exec depends on
> drill-common-test that has it's own logback.xml and they all end up being
> on the classpath during unit test. Which one is used during unit test
> depends on their order in the classpath and my experience with maven
> dependency says that the order is undefined. Do I miss something here and
> there is an additional mechanism that resolves which logback configuration
> is in use?
>
> Thank you,
>
> Vlad
>
>
>
> On 9/1/17 10:34, Jinfeng Ni wrote:
>
>> If you run the whole unit test suite, you do not have to open Lilith at
>> the
>> same time. My experience is Lilith will significantly slow down unit test
>> suite running, and even fail testcases, as Drill's code put many DEBUG log
>> which chocked Lilith.
>>
>> Lilith is useful only if you are running individual testcases to debug
>> certain issues.
>>
>>
>>
>> On Fri, Sep 1, 2017 at 1:36 AM, Arina Yelchiyeva <
>> arina.yelchiy...@gmail.com
>>
>>> wrote:
>>> I don't think that Lilith is critical for running unit tests. Since it is
>>> used to view the logs, I guess you can disable it by default but please
>>> leave the comment indicating the reason of the change.
>>>
>>> Kind regards
>>> Arina
>>>
>>> On Thu, Aug 31, 2017 at 2:06 PM, Vova Vysotskyi 
>>> wrote:
>>>
>>> Hi all,

 I am having troubles when running Drill unit tests on the node where
 Hiveserver2 service is running. In this case, run hangs in the middle.
 It
 is because Lilith and Hiveserver2 use the same port 1.
 I tried to change the Lilith port in the logback.xml, but we cannot

>>> change
>>>
 this port in Lilith UI (https://github.com/huxi/lilith/issues/10).
 I have no other Ideas, how to avoid this issue without disabling Lilith

>>> or
>>>
 stopping HS2.

 Do you mind if I disable Lilith SOCKET connection by default?

 --
 Kind regards,
 Volodymyr Vysotskyi


>
> Thank you,
>
> Vlad
>



-- 
Kind regards,
Volodymyr Vysotskyi

[jira] [Created] (DRILL-5767) Fix error when querying data with the same column names as implicit columns

2017-09-04 Thread Arina Ielchiieva (JIRA) 
Arina Ielchiieva created DRILL-5767:
---

 Summary: Fix error when querying data with the same column names 
as implicit columns
 Key: DRILL-5767
 URL: https://issues.apache.org/jira/browse/DRILL-5767
 Project: Apache Drill
  Issue Type: Bug
Affects Versions: 1.11.0
Reporter: Arina Ielchiieva
 Fix For: 1.12.0


Data file {{suffix.csvh}}:
{noformat}
id, suffix
1, json
2, parquet
{noformat}

The data file contains [one of four implicit 
columns|https://drill.apache.org/docs/querying-a-file-system-introduction/], 
namely suffix. User may override implicit column name using system / session 
property ({{ALTER session SET `drill.exec.storage.implicit.suffix.column.label` 
= 'appendix'}}).

But currently select from such data set returns an error:
{noformat}
2017-09-04 10:24:58,946 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.drill.exec.work.foreman.Foreman - Query text for query id 
26530034-9c9a-05ed-1ae3-2e086b49f196: select * from 
dfs.`D:\drill\files\suffix.csvh`
2017-09-04 10:24:58,963 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 7 classes for 
org.apache.drill.exec.store.dfs.FormatPlugin took 0ms
2017-09-04 10:24:58,964 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,964 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,964 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,976 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 7 classes for 
org.apache.drill.exec.store.dfs.FormatPlugin took 0ms
2017-09-04 10:24:58,977 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,977 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,977 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.c.s.persistence.ScanResult - loading 8 classes for 
org.apache.drill.common.logical.FormatPluginConfig took 0ms
2017-09-04 10:24:58,994 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:58,995 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:59,000 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.exec.store.dfs.FileSelection - FileSelection.getStatuses() took 0 ms, 
numFiles: 1
2017-09-04 10:24:59,001 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.e.s.schedule.BlockMapBuilder - Failure finding Drillbit running on host 
localhost.  Skipping affinity to that host.
2017-09-04 10:24:59,001 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO  
o.a.d.e.s.schedule.BlockMapBuilder - Get block maps: Executed 1 out of 1 using 
1 threads. Time: 0ms total, 0.297648ms avg, 0ms max.
2017-09-04 10:24:59,001 [26530034-9c9a-05ed-1ae3-2e086b49f196:foreman] INFO

[jira] [Created] (DRILL-5766) Stored XSS in APACHE DRILL

2017-09-04 Thread Sanjog Panda (JIRA) 
Sanjog Panda created DRILL-5766:
---

 Summary: Stored XSS in APACHE DRILL
 Key: DRILL-5766
 URL: https://issues.apache.org/jira/browse/DRILL-5766
 Project: Apache Drill
  Issue Type: Bug
  Components: Functions - Drill
Affects Versions: 1.11.0, 1.10.0, 1.9.0, 1.8.0, 1.7.0, 1.6.0
 Environment: Apache drill installed in debian system
Reporter: Sanjog Panda
Priority: Critical


Hello Apache security team,

I have been testing an application which internally uses the Apache drill 
software v 1.6 as of now.

I found XSS on profile page (sink) where in the user's malicious input comes 
from the Query page (source) where you run a query. 

Once the user give the below payload and load the profile page, it gets 
triggered and is stored.

I have attached the screenshot of payload 
alert(document.cookie).

*[screenshot link]
*
https://drive.google.com/file/d/0B8giJ3591fvUbm5JZWtjUTg3WmEwYmJQeWd6dURuV0gzOVd3/view?usp=sharing
https://drive.google.com/file/d/0B8giJ3591fvUV2lJRzZWOWRGNzN5S0JzdVlXSG1iNnVwRlAw/view?usp=sharing
 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)