[
https://issues.apache.org/jira/browse/HDFS-11048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15645452#comment-15645452
]
Eric Badger commented on HDFS-11048:
------------------------------------
All backslashes in the input will be printed in the audit log as actual
backslashes, because they will be escaped by StringEscapeUtils and replaced
with double backslashes. So when they are actually printed, the double
backslash will be escaped and you will see a single backslash. All control
characters such as "\r" and "\n" will also be escaped and printed in their
escaped form.
You can walk through the {{TestAuditLogs#testAuditCharacterEscape}} test in a
debugger to see how the backslashes are escaped using
{{StringEscapeUtils.escapeJavaStyleString()}}
> Audit Log should escape control characters
> ------------------------------------------
>
> Key: HDFS-11048
> URL: https://issues.apache.org/jira/browse/HDFS-11048
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Eric Badger
> Assignee: Eric Badger
> Fix For: 2.8.0, 3.0.0-alpha2
>
> Attachments: HDFS-11048.001.patch, HDFS-11048.002.patch
>
>
> Allowing control characters without escaping them allows for spoofing audit
> log entries at worst and accidentally breaking log parsing at best.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
