[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
jenkins-bot has submitted this change and it was merged.
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: Ie201f5de6e81fda45689d5a7c274c72eaf953c6c
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
Approvals:
DCausse: Looks good to me, approved
jenkins-bot: Verified
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 8b69d6b..6f8298e 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import org.elasticsearch.common.text.StringAndBytesText;
@@
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
jenkins-bot has submitted this change and it was merged.
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: I7f72c6af3f7e61eca0bd2e4a4f89f325107d83d8
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
Approvals:
DCausse: Looks good to me, approved
jenkins-bot: Verified
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 30d4b2c..1605e3c 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import org.elasticsearch.common.text.Text;
@@ -21,16 +20,10
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
jenkins-bot has submitted this change and it was merged.
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: Ic7d458b107d4b3f25d018f0792cbc02f38e0fb48
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
Approvals:
DCausse: Looks good to me, approved
jenkins-bot: Verified
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 8b69d6b..6f8298e 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import org.elasticsearch.common.text.StringAndBytesText;
@@
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
DCausse has uploaded a new change for review.
https://gerrit.wikimedia.org/r/291850
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: I7f72c6af3f7e61eca0bd2e4a4f89f325107d83d8
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/search/highlighter
refs/changes/50/291850/1
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 30d4b2c..1605e3c 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
DCausse has uploaded a new change for review.
https://gerrit.wikimedia.org/r/291847
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: Ie201f5de6e81fda45689d5a7c274c72eaf953c6c
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/search/highlighter
refs/changes/47/291847/1
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 8b69d6b..6f8298e 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
DCausse has uploaded a new change for review.
https://gerrit.wikimedia.org/r/291844
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Change-Id: Ic7d458b107d4b3f25d018f0792cbc02f38e0fb48
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/search/highlighter
refs/changes/44/291844/1
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 8b69d6b..6f8298e 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.ESLoggerFactory;
import
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
jenkins-bot has submitted this change and it was merged.
Change subject: Fix security violations
..
Fix security violations
Plugins are now loaded in their own ClassLoader. It is no more possible to use
the package trick to access package visibles members/methods owned by
elasticsearch/lucene. This patch removes all org.elasticsearch and
org.apache.lucene packages. Unfortunately this was not seen by integration
tests because we use the same classloader.
Bug: T133618
Change-Id: Ibcc4e7142e759f0d0158d0ad407abed984197604
---
D
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
R
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java
M
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java
R
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java
M
experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java
7 files changed, 46 insertions(+), 52 deletions(-)
Approvals:
Gehel: Looks good to me, but someone else must approve
EBernhardson: Looks good to me, approved
jenkins-bot: Verified
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
deleted file mode 100644
index 2becd87..000
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/RegexTooComplexException.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.elasticsearch.search.highlight;
-
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
-
-/**
- * Wraps Lucene's XTooComplexToDeterminizeException to be serializable to be
- * thrown over the wire.
- */
-public class RegexTooComplexException extends RuntimeException {
-private static final long serialVersionUID = -41975279199116247L;
-
-public RegexTooComplexException(TooComplexToDeterminizeException e) {
-super(e.getMessage());
-}
-}
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
index 20e29d3..8d74fe0 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java
@@ -3,7 +3,6 @@
import java.io.IOException;
import org.elasticsearch.ElasticsearchException;
-import org.elasticsearch.search.highlight.FieldWrapper;
import org.wikimedia.search.highlighter.experimental.Segmenter;
import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter;
diff --git
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
similarity index 94%
rename from
experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
rename to
experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
index 30d4b2c..1605e3c 100644
---
a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java
+++
b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java
@@ -1,4 +1,4 @@
-package org.elasticsearch.search.highlight;
+package org.wikimedia.highlighter.experimental.elasticsearch;
import java.io.IOException;
import java.util.ArrayList;
@@ -13,7 +13,6 @@
import org.apache.lucene.search.Query;
import org.apache.lucene.util.automaton.RegExp;
-import org.apache.lucene.util.automaton.TooComplexToDeterminizeException;
import org.elasticsearch.common.logging.ESLogger;
import
[MediaWiki-commits] [Gerrit] Fix security violations - change (search/highlighter)
DCausse has uploaded a new change for review. https://gerrit.wikimedia.org/r/285376 Change subject: Fix security violations .. Fix security violations Plugins are now loaded in their own ClassLoader. It is no more possible to use the package trick to access package visibles members/methods owned by elasticsearch/lucene. This patch removes all org.elasticsearch and org.apache.lucene packages. Unfortunately this was not seen by integration tests because we use the same classloader. Bug: T133618 Change-Id: Ibcc4e7142e759f0d0158d0ad407abed984197604 --- M experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java R experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java R experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/FieldWrapper.java R experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/RegexTooComplexException.java M experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/plugin/ExperimentalHighlighterModule.java R experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/automaton/OffsetReturningRunAutomaton.java M experimental-highlighter-lucene/src/main/java/org/wikimedia/highlighter/experimental/lucene/hit/AutomatonHitEnum.java 7 files changed, 47 insertions(+), 24 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/search/highlighter refs/changes/76/285376/1 diff --git a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java index 20e29d3..8d74fe0 100644 --- a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java +++ b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/DelayedSegmenter.java @@ -3,7 +3,6 @@ import java.io.IOException; import org.elasticsearch.ElasticsearchException; -import org.elasticsearch.search.highlight.FieldWrapper; import org.wikimedia.search.highlighter.experimental.Segmenter; import org.wikimedia.search.highlighter.experimental.snippet.MultiSegmenter; diff --git a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java similarity index 96% rename from experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java rename to experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java index 30d4b2c..4a93d45 100644 --- a/experimental-highlighter-elasticsearch-plugin/src/main/java/org/elasticsearch/search/highlight/ExperimentalHighlighter.java +++ b/experimental-highlighter-elasticsearch-plugin/src/main/java/org/wikimedia/highlighter/experimental/elasticsearch/ExperimentalHighlighter.java @@ -1,4 +1,4 @@ -package org.elasticsearch.search.highlight; +package org.wikimedia.highlighter.experimental.elasticsearch; import java.io.IOException; import java.util.ArrayList; @@ -21,16 +21,10 @@ import org.elasticsearch.common.util.LocaleUtils; import org.elasticsearch.index.mapper.FieldMapper; import org.elasticsearch.search.fetch.FetchPhaseExecutionException; +import org.elasticsearch.search.highlight.HighlightField; +import org.elasticsearch.search.highlight.Highlighter; +import org.elasticsearch.search.highlight.HighlighterContext; import org.elasticsearch.search.highlight.SearchContextHighlight.FieldOptions; -import org.wikimedia.highlighter.experimental.elasticsearch.BytesRefHashTermInfos; -import org.wikimedia.highlighter.experimental.elasticsearch.CharScanningSegmenterFactory; -import org.wikimedia.highlighter.experimental.elasticsearch.DelayedSegmenter; -import org.wikimedia.highlighter.experimental.elasticsearch.ElasticsearchQueryFlattener; -import org.wikimedia.highlighter.experimental.elasticsearch.FetchedFieldIndexPicker; -import org.wikimedia.highlighter.experimental.elasticsearch.OffsetSnippetFormatter; -import org.wikimedia.highlighter.experimental.elasticsearch.SegmenterFactory; -import org.wikimedia.highlighter.experimental.elasticsearch.SentenceIteratorSegmenterFactory; -import org.wikimedia.highlighter.experimental.elasticsearch.WholeSourceSegmenterFactory; import
