[ https://issues.apache.org/jira/browse/HDFS-11048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15645452#comment-15645452 ]
Eric Badger commented on HDFS-11048: ------------------------------------ All backslashes in the input will be printed in the audit log as actual backslashes, because they will be escaped by StringEscapeUtils and replaced with double backslashes. So when they are actually printed, the double backslash will be escaped and you will see a single backslash. All control characters such as "\r" and "\n" will also be escaped and printed in their escaped form. You can walk through the {{TestAuditLogs#testAuditCharacterEscape}} test in a debugger to see how the backslashes are escaped using {{StringEscapeUtils.escapeJavaStyleString()}} > Audit Log should escape control characters > ------------------------------------------ > > Key: HDFS-11048 > URL: https://issues.apache.org/jira/browse/HDFS-11048 > Project: Hadoop HDFS > Issue Type: Bug > Reporter: Eric Badger > Assignee: Eric Badger > Fix For: 2.8.0, 3.0.0-alpha2 > > Attachments: HDFS-11048.001.patch, HDFS-11048.002.patch > > > Allowing control characters without escaping them allows for spoofing audit > log entries at worst and accidentally breaking log parsing at best. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org