Tim Armstrong has posted comments on this change. ( http://gerrit.cloudera.org:8080/13672 )
Change subject: IMPALA-8584: Add cookie support to the HTTP HS2 server ...................................................................... Patch Set 6: (2 comments) LGTM. I had one final question about whether we need to be defensive about cookie verification to prevent it from using a lot of CPU in pathological cases. http://gerrit.cloudera.org:8080/#/c/13672/5/be/src/rpc/cookie-util.cc File be/src/rpc/cookie-util.cc: http://gerrit.cloudera.org:8080/#/c/13672/5/be/src/rpc/cookie-util.cc@104 PS5, Line 104: > Yeah, I guess my thinking was that it doesn't really matter what RNG we use I don't really have a better suggestion, it would probably be overcomplicating it to use something else. Maybe worth leaving a comment here that explains what you just said in your comment. http://gerrit.cloudera.org:8080/#/c/13672/6/be/src/transport/THttpServer.cpp File be/src/transport/THttpServer.cpp: http://gerrit.cloudera.org:8080/#/c/13672/6/be/src/transport/THttpServer.cpp@181 PS6, Line 181: vector<string> cookies = strings::Split(cookie_value_, ";"); I thought about whether it would be a good idea to limit the number of cookies we check (or the aggregate size of the cookies) to prevent potentially pathological behaviour. It could potentially be quite expensive to check a large number of cookies. -- To view, visit http://gerrit.cloudera.org:8080/13672 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I647c06f94ef91aa3b6413e91576c4ec506ed57f4 Gerrit-Change-Number: 13672 Gerrit-PatchSet: 6 Gerrit-Owner: Thomas Tauber-Marshall <tmarsh...@cloudera.com> Gerrit-Reviewer: Andrew Sherman <asher...@cloudera.com> Gerrit-Reviewer: Impala Public Jenkins <impala-public-jenk...@cloudera.com> Gerrit-Reviewer: Thomas Tauber-Marshall <tmarsh...@cloudera.com> Gerrit-Reviewer: Tim Armstrong <tarmstr...@cloudera.com> Gerrit-Reviewer: Todd Lipcon <t...@apache.org> Gerrit-Comment-Date: Thu, 22 Aug 2019 21:13:42 +0000 Gerrit-HasComments: Yes