[
https://issues.apache.org/jira/browse/HADOOP-17711?focusedWorklogId=602182&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-602182
]
ASF GitHub Bot logged work on HADOOP-17711:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 26/May/21 08:11
Start Date: 26/May/21 08:11
Worklog Time Spent: 10m
Work Description: hadoop-yetus commented on pull request #3048:
URL: https://github.com/apache/hadoop/pull/3048#issuecomment-848563290
:broken_heart: **-1 overall**
| Vote | Subsystem | Runtime | Logfile | Comment |
|:----:|----------:|--------:|:--------:|:-------:|
| +0 :ok: | reexec | 0m 41s | | Docker mode activated. |
|||| _ Prechecks _ |
| +1 :green_heart: | dupname | 0m 0s | | No case conflicting files
found. |
| +0 :ok: | codespell | 0m 0s | | codespell was not available. |
| +1 :green_heart: | @author | 0m 0s | | The patch does not contain
any @author tags. |
| -1 :x: | test4tests | 0m 0s | | The patch doesn't appear to include
any new or modified tests. Please justify why no new tests are needed for this
patch. Also please list what manual steps were performed to verify this patch.
|
|||| _ trunk Compile Tests _ |
| +1 :green_heart: | mvninstall | 33m 41s | | trunk passed |
| +1 :green_heart: | compile | 22m 32s | | trunk passed with JDK
Ubuntu-11.0.10+9-Ubuntu-0ubuntu1.20.04 |
| +1 :green_heart: | compile | 20m 43s | | trunk passed with JDK
Private Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| +1 :green_heart: | checkstyle | 1m 11s | | trunk passed |
| +1 :green_heart: | mvnsite | 1m 36s | | trunk passed |
| +1 :green_heart: | javadoc | 1m 6s | | trunk passed with JDK
Ubuntu-11.0.10+9-Ubuntu-0ubuntu1.20.04 |
| +1 :green_heart: | javadoc | 1m 45s | | trunk passed with JDK
Private Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| +1 :green_heart: | spotbugs | 2m 41s | | trunk passed |
| +1 :green_heart: | shadedclient | 18m 39s | | branch has no errors
when building and testing our client artifacts. |
|||| _ Patch Compile Tests _ |
| +1 :green_heart: | mvninstall | 1m 0s | | the patch passed |
| +1 :green_heart: | compile | 23m 2s | | the patch passed with JDK
Ubuntu-11.0.10+9-Ubuntu-0ubuntu1.20.04 |
| +1 :green_heart: | javac | 23m 2s | | the patch passed |
| +1 :green_heart: | compile | 20m 28s | | the patch passed with JDK
Private Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| +1 :green_heart: | javac | 20m 28s | | the patch passed |
| +1 :green_heart: | blanks | 0m 0s | | The patch has no blanks
issues. |
| -0 :warning: | checkstyle | 1m 10s |
[/results-checkstyle-hadoop-common-project_hadoop-common.txt](https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3048/3/artifact/out/results-checkstyle-hadoop-common-project_hadoop-common.txt)
| hadoop-common-project/hadoop-common: The patch generated 1 new + 5
unchanged - 0 fixed = 6 total (was 5) |
| +1 :green_heart: | mvnsite | 1m 39s | | the patch passed |
| +1 :green_heart: | javadoc | 1m 6s | | the patch passed with JDK
Ubuntu-11.0.10+9-Ubuntu-0ubuntu1.20.04 |
| +1 :green_heart: | javadoc | 1m 40s | | the patch passed with JDK
Private Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| +1 :green_heart: | spotbugs | 2m 43s | | the patch passed |
| +1 :green_heart: | shadedclient | 18m 23s | | patch has no errors
when building and testing our client artifacts. |
|||| _ Other Tests _ |
| +1 :green_heart: | unit | 17m 36s | | hadoop-common in the patch
passed. |
| +1 :green_heart: | asflicense | 0m 55s | | The patch does not
generate ASF License warnings. |
| | | 194m 24s | | |
| Subsystem | Report/Notes |
|----------:|:-------------|
| Docker | ClientAPI=1.41 ServerAPI=1.41 base:
https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3048/3/artifact/out/Dockerfile
|
| GITHUB PR | https://github.com/apache/hadoop/pull/3048 |
| Optional Tests | dupname asflicense compile javac javadoc mvninstall
mvnsite unit shadedclient spotbugs checkstyle codespell |
| uname | Linux 4df2f5650ceb 4.15.0-136-generic #140-Ubuntu SMP Thu Jan 28
05:20:47 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | dev-support/bin/hadoop.sh |
| git revision | trunk / ddb8f39f988a901933342709525e65d965117d6b |
| Default Java | Private Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| Multi-JDK versions |
/usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.10+9-Ubuntu-0ubuntu1.20.04
/usr/lib/jvm/java-8-openjdk-amd64:Private
Build-1.8.0_282-8u282-b08-0ubuntu1~20.04-b08 |
| Test Results |
https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3048/3/testReport/ |
| Max. process+thread count | 2152 (vs. ulimit of 5500) |
| modules | C: hadoop-common-project/hadoop-common U:
hadoop-common-project/hadoop-common |
| Console output |
https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-3048/3/console |
| versions | git=2.25.1 maven=3.6.3 spotbugs=4.2.2 |
| Powered by | Apache Yetus 0.14.0-SNAPSHOT https://yetus.apache.org |
This message was automatically generated.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 602182)
Remaining Estimate: 0h (was: 10m)
Time Spent: 1h (was: 50m)
> A divide by zero bug in LoadBalancingKMSClientProvider.java
> -----------------------------------------------------------
>
> Key: HADOOP-17711
> URL: https://issues.apache.org/jira/browse/HADOOP-17711
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Reporter: Yiyuan GUO
> Priority: Major
> Labels: easyfix, pull-request-available, security
> Original Estimate: 1h
> Time Spent: 1h
> Remaining Estimate: 0h
>
> In the file _kms/LoadBalancingKMSClientProvider.java_, the function
> _rollNewVersion_ has the following
> [code|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/LoadBalancingKMSClientProvider.java#L509-#L516]:
>
> {code:java}
> @Override
> public KeyVersion rollNewVersion(final String name, final byte[] material)
> throws IOException {
> final KeyVersion newVersion = doOp(new ProviderCallable<KeyVersion>() {
> @Override
> public KeyVersion call(KMSClientProvider provider) throws IOException {
> return provider.rollNewVersion(name, material);
> }
> }, nextIdx(), false);
> ...
> }
> {code}
> The function _nextIdx_ uses _providers.length_ as a divisor:
> {code:java}
> private int nextIdx() {
> while (true) {
> int current = currentIdx.get();
> int next = (current + 1) % providers.length;
> ......
> }{code}
> However, _providers.length_ may be equal to zero, since the function _doOp_
> explicitly checks that and throws an exception when it happens:
> {code:java}
> private <T> T doOp(ProviderCallable<T> op, int currPos,
> boolean isIdempotent) throws IOException {
> if (providers.length == 0) {
> throw new IOException("No providers configured !");
> }
> ...
> }
> {code}
>
> The problem is that when _providers.length_ is 0, a divide by zero problem
> will happen when computing the argument for _doOp_ (inside the function
> _nextIdx_) before reaching the protection check above, causing an
> ArithmeticException.
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
