github-advanced-security[bot] commented on code in PR #16512: URL: https://github.com/apache/druid/pull/16512#discussion_r1621323193
########## indexing-service/src/main/java/org/apache/druid/indexing/overlord/TaskQueue.java: ########## @@ -1018,4 +1022,37 @@ giant.unlock(); } } + + void validateTaskPayload(Task task) + { + try { + String payload = passwordRedactingMapper.writeValueAsString(task); + if (payload.length() > TASK_SIZE_WARNING_THRESHOLD) { + log.warn("Received a large task payload [%s] with id [%s] and datasource [%s]" + + " There may be downstream issues caused by managing this large payload." + + "Set druid.indexer.queue.maxTaskPayloadSize to reject tasks above a certain size.", + payload.length(), + task.getId(), + task.getDataSource() + ); + } + + if (config.getMaxTaskPayloadSize() != null && config.getMaxTaskPayloadSize().getBytesInInt() < payload.length()) { + throw DruidException.forPersona(DruidException.Persona.OPERATOR) + .ofCategory(DruidException.Category.INVALID_INPUT) + .build( + "Task payload size was [%d] but max size is [%d]. " + + "Reduce the size of the task or increase 'druid.indexer.queue.maxTaskPayloadSize'.", + payload.length(), + config.getMaxTaskPayloadSize() + ); + } + } + catch (JsonProcessingException e) { + throw DruidException.defensive( + "Failed to parse task payload for validation", + e + );

Review Comment:

## Unused format argument

This format call refers to 0 argument(s) but supplies 1 argument(s).

[Show more details](https://github.com/apache/druid/security/code-scanning/7425)
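Review bot: In the limit check of `validateTaskPayload`, `payload.length()` counts Java chars while the limit is read with `getBytesInInt()`, so a payload containing multi-byte characters can exceed the configured byte size and still pass; compare against the encoded byte length, or document that the limit is in characters. The error message also hands `config.getMaxTaskPayloadSize()` itself to a `%d` placeholder, whereas the comparison uses `.getBytesInInt()`; pass that same integer value to the message. In the catch block the exception `e` is supplied to a message with no placeholders, which is what the scanner flags, so attach it as the cause rather than as a format argument, and since the failing call is `writeValueAsString` the text should say "serialize" rather than "parse". The warning string is also missing a sentence break after "datasource [%s]" and a space before "Set druid.indexer.queue.maxTaskPayloadSize".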