Skip to content

HDDS-12649. Include name in length validation error #8322

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
adoroszlai merged 4 commits into from
Apr 28, 2025
Merged

HDDS-12649. Include name in length validation error #8322

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
9f39dc9
HDDS-12649. Include name in length validation error
octachoron Apr 22, 2025
b0239d6
Address review concerns
octachoron Apr 28, 2025
f3c961f
Apply suggestions from code review
octachoron Apr 28, 2025
5463473
Address second round of review concerns
octachoron Apr 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions hadoop-hdds/client/src/main/java/org/apache/hadoop/hdds/scm/client/HddsClientUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ private static void doNameChecks(String resName, String resType) {
if (resName.length() < OzoneConsts.OZONE_MIN_BUCKET_NAME_LENGTH ||
resName.length() > OzoneConsts.OZONE_MAX_BUCKET_NAME_LENGTH) {
throw new IllegalArgumentException(resType +
" length is illegal, " + "valid length is 3-63 characters");
" name '" + resName + "' is of illegal length, " + "valid length is 3-63 characters");
}
Copy link
Contributor

@adoroszlai adoroszlai Apr 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • I think we could further improve it by checking and rejecting too short and too long values separately. Then we can state "too short" and "too long" instead of "illegal length".
  • Should we cap too long invalid value in the message at some reasonable length?

Copy link
Contributor Author

@octachoron octachoron Apr 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Indeed! That would be better.
  • Yes, I think so too. If the special character check made sense, then this does as well.

Thank you, added both.


if (resName.charAt(0) == '.' || resName.charAt(0) == '-') {
Expand Down Expand Up @@ -150,9 +150,6 @@ public static void verifyResourceName(String resName, String resType) {
* @throws IllegalArgumentException
*/
public static void verifyResourceName(String resName, String resType, boolean isStrictS3) {

doNameChecks(resName, resType);

boolean isIPv4 = true;
char prev = (char) 0;

Expand All @@ -169,6 +166,8 @@ public static void verifyResourceName(String resName, String resType, boolean is
throw new IllegalArgumentException(resType +
" name cannot be an IPv4 address or all numeric");
}

doNameChecks(resName, resType);
}

/**
Expand Down
41 changes: 39 additions & 2 deletions hadoop-hdds/client/src/test/java/org/apache/hadoop/hdds/scm/client/TestHddsClientUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,14 @@
import static org.apache.hadoop.hdds.scm.ScmConfigKeys.OZONE_SCM_CLIENT_PORT_KEY;
import static org.apache.hadoop.hdds.scm.ScmConfigKeys.OZONE_SCM_NAMES;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertSame;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;

import com.google.common.collect.ImmutableList;
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetSocketAddress;
Expand Down Expand Up @@ -191,6 +194,10 @@ public void testBlockClientFallbackToClientWithPort() {
assertEquals(OZONE_SCM_BLOCK_CLIENT_PORT_DEFAULT, address.getPort());
}

private String getInvalidNameMessage(String invalidString) {
return "Did not reject invalid string [" + invalidString + "] as a name";
}

@Test
public void testVerifyResourceName() {
final String validName = "my-bucket.01";
Expand Down Expand Up @@ -225,8 +232,38 @@ public void testVerifyResourceName() {

for (String name : invalidNames) {
assertThrows(IllegalArgumentException.class, () -> HddsClientUtils.verifyResourceName(name),
"Did not reject invalid string [" + name + "] as a name");
getInvalidNameMessage(name));
}

// Message should include the name and resource type, if the name is of
// illegal length.
List<String> resourceTypes = ImmutableList.of("bucket", "volume");
for (int i = 0; i < 2; i++) {
String resType = resourceTypes.get(i);
String otherResType = resourceTypes.get(1 - i);
Throwable thrown = assertThrows(
IllegalArgumentException.class,
() -> HddsClientUtils.verifyResourceName(tooShort, resType, true),
getInvalidNameMessage(tooShort));

String message = thrown.getMessage();
assertNotNull(message);
assertTrue(message.contains(resType));
assertFalse(message.contains(otherResType));
assertTrue(thrown.getMessage().contains(tooShort));
Copy link
Contributor

@adoroszlai adoroszlai Apr 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use assertThat instead of assertTrue/assertFalse for better failure message. (See HDDS-9951 for details.)

Copy link
Contributor Author

@octachoron octachoron Apr 28, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds like a significant improvement indeed. Thank you for including the ticket link too. Updated.

Edit: I will keep this in mind for the future as well.

}

// However, such names also containing unsupported characters should not be
// logged verbatim. This is to avoid vulnerabilities like Log4Shell.
final String tooShortInvalidChar = "$a";
Throwable thrown = assertThrows(
IllegalArgumentException.class,
() -> HddsClientUtils.verifyResourceName(tooShortInvalidChar),
getInvalidNameMessage(tooShortInvalidChar));

String message = thrown.getMessage();
assertNotNull(message);
assertFalse(message.contains(tooShortInvalidChar));
Copy link
Contributor

@adoroszlai adoroszlai Apr 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add these new test cases as separate two test methods. I think tooShort can be moved, no need to test it twice.

Copy link
Contributor Author

@octachoron octachoron Apr 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It crossed my mind the first time around. Sounds like I made the wrong call then. 🙂 Sure, it's split up now, thank you.

}

@Test
Expand All @@ -250,7 +287,7 @@ void testVerifyKeyName() throws IllegalArgumentException {

for (String name : invalidNames) {
assertThrows(IllegalArgumentException.class, () -> HddsClientUtils.verifyKeyName(name),
"Did not reject invalid string [" + name + "] as a name");
getInvalidNameMessage(name));
}

List<String> validNames = new ArrayList<>();
Expand Down