[
https://issues.apache.org/jira/browse/MESOS-7773?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16125532#comment-16125532
]
Benno Evers commented on MESOS-7773:
------------------------------------
While we're at it, we should also make sure that we always return BadRequest on
malformed user input instead of `CHECK`-ing and aborting. Right now, there are
some places where it looks like we're asserting certain properties of
user-passed protobuf messages, for example the local authorizer seems to
`CHECK` that certain fields of the passed protobuf message was set.
(src/authorizer/local/authorizer.cpp:312)
> HTTP request validation stage is not explicit.
> ----------------------------------------------
>
> Key: MESOS-7773
> URL: https://issues.apache.org/jira/browse/MESOS-7773
> Project: Mesos
> Issue Type: Bug
> Components: libprocess
> Reporter: Alexander Rukletsov
> Labels: mesosphere, reliability
>
> Currently we validate HTTP requests in multiple places in libprocess, for
> instance {{ProcessManager::handle()}}, {{StreamingRequestDecoder::decode()}},
> {{process::parse()}}. To improve error handling when dealing with malformed
> HTTP requests (including libprocess messages), consider introducing a
> validation stage and / or make sure {{Request}} and all its components are in
> valid state before we start using it.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
