[ https://issues.apache.org/jira/browse/MESOS-5060?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15243420#comment-15243420 ]
Greg Mann commented on MESOS-5060: ---------------------------------- [~dongdong], I had a look at this code with BenM and there is a clear bug; we parse the {{length}} parameter as a {{ssize_t}}, which is a signed type, but then we use that length value (which may be negative) to initialize an array: {{boost::shared_array<char> data(new char[length]);}}. After discussing with BenM, there are a few cases of {{length}} and {{offset}} which we need to handle: * A user-defined {{length}} (strictly positive) * A default {{length}} if none is specified (perhaps equal to the page size) * A user-defined {{offset}} (positive, negative, or end-of-file) * A default {{offset}} The end-of-file offset is important because this endpoint is used to tail files. Unfortunately, we currently use {{offset == -1}} in the code to indicate the end-of-file offset. The end-of-file offset is currently the default value if no {{offset}} is specified; I don't find this to be very intuitive for users, but it may be our best option if we want to allow negative offsets (i.e., if we allow negative offsets, how would a user specify the end-of-file offset explicitly?). We can probably just remove support for negative values of {{length}}, and allow the user to use the default length by omitting that parameter. Have a look at the code and let me know what you think. Since this bug breaks part of the agent, we'd love to get a fix in soon; do you know when you might be able to take a look? Thanks! :-) > Requesting /files/read.json with a negative length value causes subsequent > /files requests to 404. > -------------------------------------------------------------------------------------------------- > > Key: MESOS-5060 > URL: https://issues.apache.org/jira/browse/MESOS-5060 > Project: Mesos > Issue Type: Bug > Affects Versions: 0.23.0 > Environment: Mesos 0.23.0 on CentOS 6, also Mesos 0.28.0 on OSX > Reporter: Tom Petr > Assignee: zhou xing > Priority: Minor > Fix For: 0.29.0 > > > I accidentally hit a slave's /files/read.json endpoint with a negative length > (ex. http://hostname:5051/files/read.json?path=XXX&offset=0&length=-100). The > HTTP request timed out after 30 seconds with nothing relevant in the slave > logs, and subsequent calls to any of the /files endpoints on that slave > immediately returned a HTTP 404 response. We ultimately got things working > again by restarting the mesos-slave process (checkpointing FTW!), but it'd be > wise to guard against negative lengths on the slave's end too. -- This message was sent by Atlassian JIRA (v6.3.4#6332)