Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HDFS-11048. Audit Log should escape control characters. Contributed by Eric Badger 

(cherry picked from commit 8a9388e5f6)
This commit is contained in:
Mingliang Liu 2016-10-28 10:53:14 -07:00
parent b85b5c6b94
commit d0da47ad9f
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
View File

@ -17,6 +17,7 @@
*/ */
package org.apache.hadoop.hdfs.server.namenode; package org.apache.hadoop.hdfs.server.namenode;
import static org.apache.commons.lang.StringEscapeUtils.escapeJava;
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT; import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_DEFAULT;
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY; import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.FS_TRASH_INTERVAL_KEY;
import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT; import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_CALLER_CONTEXT_ENABLED_DEFAULT;
@ -6733,6 +6734,8 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
if (auditLog.isDebugEnabled() || if (auditLog.isDebugEnabled() ||
(auditLog.isInfoEnabled() && !debugCmdSet.contains(cmd))) { (auditLog.isInfoEnabled() && !debugCmdSet.contains(cmd))) {
final StringBuilder sb = STRING_BUILDER.get(); final StringBuilder sb = STRING_BUILDER.get();
src = escapeJava(src);
dst = escapeJava(dst);
sb.setLength(0); sb.setLength(0);
sb.append("allowed=").append(succeeded).append("\t"); sb.append("allowed=").append(succeeded).append("\t");
sb.append("ugi=").append(userName).append("\t"); sb.append("ugi=").append(userName).append("\t");

9
hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/server/namenode/TestAuditLogs.java
View File

@ -297,6 +297,15 @@ public class TestAuditLogs {
verifyAuditLogsCheckPattern(true, 3, webOpenPattern); verifyAuditLogsCheckPattern(true, 3, webOpenPattern);
} }
/** make sure that "\r\n" isn't made into a newline in audit log */
@Test
public void testAuditCharacterEscape() throws Exception {
final Path file = new Path("foo" + "\r\n" + "bar");
setupAuditLogs();
fs.create(file);
verifyAuditLogsRepeat(true, 1);
}
/** Sets up log4j logger for auditlogs */ /** Sets up log4j logger for auditlogs */
private void setupAuditLogs() throws IOException { private void setupAuditLogs() throws IOException {
Logger logger = ((Log4JLogger) FSNamesystem.auditLog).getLogger(); Logger logger = ((Log4JLogger) FSNamesystem.auditLog).getLogger();