[
https://issues.apache.org/jira/browse/HDFS-6368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13998331#comment-13998331
]
Andrew Wang commented on HDFS-6368:
-----------------------------------
Ted, note that ImageServlet#validateRequest checks that the upload comes from
an authorized user. If an attacker has compromised the NN or superuser account,
many other bad things can also happen.
I guess we could still validate, but I'm inclined to close as "not a problem".
> TransferFsImage#receiveFile() should perform validation on fsImageName
> parameter
> --------------------------------------------------------------------------------
>
> Key: HDFS-6368
> URL: https://issues.apache.org/jira/browse/HDFS-6368
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Ted Yu
> Priority: Minor
>
> Currently only null check is performed:
> {code}
> if (fsImageName == null) {
> throw new IOException("No filename header provided by server");
> }
> newLocalPaths.add(new File(localPath, fsImageName));
> {code}
> Value of fsImageName, obtained from HttpURLConnection header, may be tainted.
> This may allow an attacker to access, modify, or test the existence of
> critical or sensitive files.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
