[jira] [Resolved] (TEZ-4699) Add Validation/Canonical checks to avoid path exploitation in CSVResult.java

Jira Mon, 30 Mar 2026 07:25:10 -0700


     [ 
https://issues.apache.org/jira/browse/TEZ-4699?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


László Bodor resolved TEZ-4699.
-------------------------------
    Resolution: Fixed

> Add Validation/Canonical checks to avoid path exploitation in CSVResult.java
> ----------------------------------------------------------------------------
>
>                 Key: TEZ-4699
>                 URL: https://issues.apache.org/jira/browse/TEZ-4699
>             Project: Apache Tez
>          Issue Type: Improvement
>            Reporter: Ramit Gupta
>            Assignee: Ramit Gupta
>            Priority: Major
>             Fix For: 1.0.0
>
>          Time Spent: 5h 50m
>  Remaining Estimate: 0h
>
> {code:java}
> public void dumpToFile(String fileName) throws IOException {
> OutputStreamWriter writer = new OutputStreamWriter(
> new FileOutputStream(new File(fileName)),
> Charset.forName("UTF-8").newEncoder());{code}
> this part is exploitable as without any validation and canonical checks it is 
> opened for writing which should be avoided for a public method



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (TEZ-4699) Add Validation/Canonical checks to avoid path exploitation in CSVResult.java

Reply via email to