SOLR-3161 An incoming isShard=true should be limited to a SearchHandler. Protects against shards.qt=/update attack

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1305218 13f79535-47bb-0310-9956-ffa450edef68
David Wayne Smiley 2012-03-26 04:44:39 +00:00
parent 9491346128
commit 2e666feda9
2 changed files with 16 additions and 2 deletions


@ -28,6 +28,7 @@ import org.apache.lucene.store.LockObtainFailedException;
import org.apache.solr.common.SolrException; import org.apache.solr.common.SolrException;
import org.apache.solr.common.params.CommonParams; import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.params.CommonParams.EchoParamStyle; import org.apache.solr.common.params.CommonParams.EchoParamStyle;
import org.apache.solr.common.params.ShardParams;
import org.apache.solr.common.params.SolrParams; import org.apache.solr.common.params.SolrParams;
import org.apache.solr.common.util.NamedList; import org.apache.solr.common.util.NamedList;
import org.apache.solr.common.util.SimpleOrderedMap; import org.apache.solr.common.util.SimpleOrderedMap;
@ -1542,6 +1543,9 @@ public final class SolrCore implements SolrInfoMBean {
toLog.add("path", req.getContext().get("path")); toLog.add("path", req.getContext().get("path"));
toLog.add("params", "{" + req.getParamString() + "}"); toLog.add("params", "{" + req.getParamString() + "}");
if (req.getParams().getBool(ShardParams.IS_SHARD,false) && !(handler instanceof SearchHandler))
throw new SolrException(SolrException.ErrorCode.BAD_REQUEST,"isShard is only acceptable with search handlers");
handler.handleRequest(req,rsp); handler.handleRequest(req,rsp);
setResponseHeaderValues(handler,req,rsp); setResponseHeaderValues(handler,req,rsp);
@ -1587,7 +1591,7 @@ public final class SolrCore implements SolrInfoMBean {
if( params.getBool(CommonParams.HEADER_ECHO_HANDLER, false) ) { if( params.getBool(CommonParams.HEADER_ECHO_HANDLER, false) ) {
responseHeader.add("handler", handler.getName() ); responseHeader.add("handler", handler.getName() );
} }
// Values for echoParams... false/true/all or false/explicit/all ??? // Values for echoParams... false/true/all or false/explicit/all ???
String ep = params.get( CommonParams.HEADER_ECHO_PARAMS, null ); String ep = params.get( CommonParams.HEADER_ECHO_PARAMS, null );
if( ep != null ) { if( ep != null ) {
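Review bot: The new guard in the `-1542,6 +1543,9` hunk has no comment tying it to SOLR-3161, and its unbraced two-line `if` is easy to break in a later edit. I would put `// SOLR-3161: a shard sub-request (isShard=true) may only reach a SearchHandler, so shards.qt cannot route it to /update` above it and wrap the `throw` in braces. The exception is thrown before `handler.handleRequest(req,rsp)`, so no error handling inside the handler is involved, and the hunk does not show whether the `toLog` entry is still written for a rejected request; a rejection should leave a log line so operators can see attempts. The `instanceof SearchHandler` test also rejects with BAD_REQUEST any distributed-capable handler that does not extend SearchHandler, which should be documented if intended. The enclosing method starts and ends outside the hunk.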


@ -28,6 +28,7 @@ import org.apache.solr.client.solrj.SolrServerException;
import org.apache.solr.client.solrj.embedded.JettySolrRunner; import org.apache.solr.client.solrj.embedded.JettySolrRunner;
import org.apache.solr.client.solrj.response.QueryResponse; import org.apache.solr.client.solrj.response.QueryResponse;
import org.apache.solr.cloud.ChaosMonkey; import org.apache.solr.cloud.ChaosMonkey;
import org.apache.solr.common.SolrException;
import org.apache.solr.common.params.CommonParams; import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.params.ModifiableSolrParams; import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.params.ShardParams; import org.apache.solr.common.params.ShardParams;
@ -278,6 +279,15 @@ public class TestDistributedSearch extends BaseDistributedSearchTestCase {
query("q","*:*", "rows",100); query("q","*:*", "rows",100);
} }
//SOLR 3161 ensure shards.qt=/update fails (anything but search handler really)
// Also see TestRemoteStreaming#testQtUpdateFails()
try {
query("q","*:*","shards.qt","/update","stream.body","<delete><query>*:*</query></delete>");
fail();
} catch (SolrException e) {
//expected
}
// test debugging // test debugging
handle.put("explain", UNORDERED); handle.put("explain", UNORDERED);
handle.put("debug", UNORDERED); handle.put("debug", UNORDERED);
@ -332,7 +342,7 @@ public class TestDistributedSearch extends BaseDistributedSearchTestCase {
// TODO: This test currently fails because debug info is obtained only // TODO: This test currently fails because debug info is obtained only
// on shards with matches. // on shards with matches.
// query("q","matchesnothing","fl","*,score", "debugQuery", "true"); // query("q","matchesnothing","fl","*,score", "debugQuery", "true");
// Thread.sleep(10000000000L); // Thread.sleep(10000000000L);
} }
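Review bot: The SOLR-3161 test in the `-278,6 +279,15` hunk passes on any `SolrException`, so it would also pass if the request failed for an unrelated reason and the isShard guard never ran. Give the failure a message, `fail("shards.qt=/update must be rejected");`, and check the cause in the catch block, for example `assertTrue(e.getMessage().contains("isShard is only acceptable"));`, provided the coordinating node passes the shard's message through, which is not visible here. A follow-up query asserting that the documents indexed earlier are still present would also show that the `<delete>` body was not executed. The enclosing test method starts and ends outside the hunk.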