[AMBARI-22805] Blueprints do not handle some failures properly #146
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rnettleton
approved these changes
Jan 18, 2018
jonathan-hurley
approved these changes
Jan 18, 2018
|
Refer to this link for build results (access rights to CI server needed): |
This was referenced Jan 20, 2018
AndresMaqueo
added a commit
to AndresMaqueo/ambari
that referenced
this pull request
Dec 31, 2025
… entity in user-controlled data ### Context This commit addresses a critical CodeQL finding (`java/xxe`) related to XML External Entity (XXE) processing in user-controlled XML data. The affected code path parses XML input without explicitly disabling DTDs and external entity resolution, which could allow XXE-based attacks such as: - Arbitrary file access - Server-side request forgery (SSRF) - Denial of service ### Change summary This change hardens the XML parsing configuration in `VersionDefinitionXml.load(InputStream)` by applying defensive parser settings recommended by OWASP and standard Java security guidance: **XMLInputFactory** - Explicitly disables DTD support - Explicitly disables external entity resolution **SchemaFactory** - Enables JAXP secure processing - Disables access to external DTDs and schemas (where supported) All settings are applied defensively using try/catch blocks to preserve compatibility with different JAXP implementations. ### Impact - No functional or behavioral changes for valid XML inputs - Malicious XML relying on external entities or DTDs will now fail to parse - Improves overall security posture without affecting business logic ### Notes - This change is limited in scope to XML parser hardening - No changes were made to higher-level logic or data flow - The fix is intentionally minimal and focused on security hardening Fixes: CodeQL alert apache#146 Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
AndresMaqueo
added a commit
to AndresMaqueo/ambari
that referenced
this pull request
Dec 31, 2025
Fixes CodeQL alert apache#146. This merge hardens XML parsing against XXE by disabling DTDs and external entity resolution. The change is intentionally minimal and limited to parser configuration only. No functional or behavioral changes outside XML parsing.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes were proposed in this pull request?
Introduce ABORTED state for topology host requests (cluster creation, scale hosts) to handle errors that happen in the pre-stage phase (during configure cluster task and other topology tasks). Return such state and cause of failure in
requestsAPI (cause is returned inrequest_context).https://issues.apache.org/jira/browse/AMBARI-22805
How was this patch tested?
Tested the following scenarios:
Unit tests:
Sample failed cluster creation:
@rnettleton @mhmxs