junwen yang created HDFS-16007:
----------------------------------

             Summary: Vulnerabilities found when serializing enum value
                 Key: HDFS-16007
                 URL: https://issues.apache.org/jira/browse/HDFS-16007
             Project: Hadoop HDFS
          Issue Type: Improvement
            Reporter: junwen yang


The ReplicaState enum uses ordinal to conduct serialization and 
deserialization, which is vulnerable to the order and can cause issues similar to 
HDFS-15624.

To avoid it, either add comments telling later developers not to change this 
enum, or add index checking in the read and getState functions to avoid an index 
out of bounds error. 
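
The index check proposed above, as an added Java example that is not Hadoop's own code: `State` is a hypothetical stand-in enum and the wire bytes are constructed. It writes an explicit value instead of `ordinal()` and rejects unknown bytes in `getState` and `read`.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInput;
import java.io.DataInputStream;
import java.io.DataOutput;
import java.io.DataOutputStream;
import java.io.IOException;

public class EnumWireDemo {
  // Hypothetical stand-in for an enum sent over the wire; not Hadoop's code.
  enum State {
    FINALIZED(0), RBW(1), RWR(2);

    private static final State[] BY_VALUE = new State[3];
    static {
      for (State s : values()) BY_VALUE[s.value] = s;
    }

    private final int value; // explicit wire value, independent of declaration order
    State(int value) { this.value = value; }

    // Fragile form: ordinal() shifts if constants are reordered or inserted.
    void writeOrdinal(DataOutput out) throws IOException { out.writeByte(ordinal()); }

    // Stable form: the byte on the wire is the explicit value.
    void write(DataOutput out) throws IOException { out.writeByte(value); }

    // Index check: fail with a clear IOException instead of an
    // ArrayIndexOutOfBoundsException on an unknown or negative byte.
    static State getState(int v) throws IOException {
      if (v < 0 || v >= BY_VALUE.length || BY_VALUE[v] == null) {
        throw new IOException("Unknown State value on wire: " + v);
      }
      return BY_VALUE[v];
    }

    static State read(DataInput in) throws IOException { return getState(in.readByte()); }
  }

  public static void main(String[] args) throws IOException {
    ByteArrayOutputStream buf = new ByteArrayOutputStream();
    State.RWR.write(new DataOutputStream(buf));
    System.out.println(State.read(new DataInputStream(new ByteArrayInputStream(buf.toByteArray()))));
    try { // constructed input: a byte from a peer that knows a constant this build lacks
      State.read(new DataInputStream(new ByteArrayInputStream(new byte[] {7})));
    } catch (IOException e) {
      System.out.println("rejected: " + e.getMessage());
    }
  }
}
```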


