apache
SkyWalking
Commit f4b739c2 (unverified)
Authored: Dec 29, 2020
Author: wu-sheng
Committer: GitHub, Dec 29, 2020
Fix CVE of UninstrumentedGateways in Dynamic Configuration activation. (#6098)
Parent: c010481c
Showing 6 changed files with 160 additions and 5 deletions (+160 -5)
CHANGES.md (+1 -0)
oap-server/analyzer/agent-analyzer/src/main/java/org/apache/skywalking/oap/server/analyzer/provider/trace/UninstrumentedGatewaysConfig.java (+16 -5)
oap-server/analyzer/agent-analyzer/src/test/java/org/apache/skywalking/oap/server/analyzer/provider/trace/UninstrumentedGatewaysConfigTest.java (+77 -0)
oap-server/analyzer/agent-analyzer/src/test/resources/gateways.yml (+20 -0)
oap-server/server-library/library-util/pom.xml (+4 -0)
oap-server/server-library/library-util/src/main/java/org/apache/skywalking/oap/server/library/util/yaml/ClassFilterConstructor.java (+42 -0)
CHANGES.md
...
...
@@ -38,6 +38,7 @@ Release Notes.
*
Add component ID for NodeJS Axios plugin.
*
Fix searchService method error in storage-influxdb-plugin.
*
Add JavaScript component ID.
*
Fix CVE of UninstrumentedGateways in Dynamic Configuration activation.
#### UI
*
Fix un-removed tags in trace query.
...
...
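Review bot: The new CHANGES.md entry, "Fix CVE of UninstrumentedGateways in Dynamic Configuration activation.", names neither the CVE identifier nor what was changed. Someone reading the release notes to decide whether to upgrade would be better served by the identifier plus a short statement that YAML loading of the gateways configuration is now restricted to an allow-list of classes, which is what the ClassFilterConstructor change in this commit does.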
oap-server/analyzer/agent-analyzer/src/main/java/org/apache/skywalking/oap/server/analyzer/provider/trace/UninstrumentedGatewaysConfig.java
...
...
@@ -38,8 +38,8 @@ import org.apache.skywalking.oap.server.configuration.api.ConfigChangeWatcher;
import
org.apache.skywalking.oap.server.core.Const
;
import
org.apache.skywalking.oap.server.library.module.ModuleProvider
;
import
org.apache.skywalking.oap.server.library.util.ResourceUtils
;
import
org.apache.skywalking.oap.server.library.util.yaml.ClassFilterConstructor
;
import
org.yaml.snakeyaml.Yaml
;
import
org.yaml.snakeyaml.constructor.Constructor
;
import
static
java
.
util
.
Objects
.
isNull
;
...
...
@@ -86,8 +86,9 @@ public class UninstrumentedGatewaysConfig extends ConfigChangeWatcher {
}
else
{
gatewayInstanceKeyedByAddress
=
StreamSupport
.
stream
(
gateways
.
spliterator
(),
false
)
.
flatMap
(
instance
->
instance
.
getInstances
().
stream
())
.
collect
(
Collectors
.
toMap
(
GatewayInstanceInfo:
:
getAddress
,
Function
.
identity
()));
.
collect
(
Collectors
.
toMap
(
GatewayInstanceInfo:
:
getAddress
,
Function
.
identity
()));
}
}
...
...
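Review bot: Formatting-only change in the `else` branch: the `.collect(Collectors.toMap(GatewayInstanceInfo::getAddress, Function.identity()))` call is moved onto its own line and is otherwise identical before and after. Consider dropping this reflow from the commit so that the security fix stays minimal and is easier to audit and backport.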
@@ -102,7 +103,12 @@ public class UninstrumentedGatewaysConfig extends ConfigChangeWatcher {
private
GatewayInfos
parseGatewaysFromFile
(
final
String
file
)
{
try
{
final
Reader
reader
=
ResourceUtils
.
read
(
file
);
return
new
Yaml
().
loadAs
(
reader
,
GatewayInfos
.
class
);
return
new
Yaml
(
new
ClassFilterConstructor
(
new
Class
[]
{
GatewayInfos
.
class
,
GatewayInfo
.
class
,
GatewayInstanceInfo
.
class
,
}))
.
loadAs
(
reader
,
GatewayInfos
.
class
);
}
catch
(
FileNotFoundException
e
)
{
log
.
error
(
"Cannot load gateways from: {}"
,
file
,
e
);
}
...
...
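Review bot: In parseGatewaysFromFile the catch clause still covers only FileNotFoundException, while the new ClassFilterConstructor signals a rejected class with IllegalArgumentException, an unchecked exception this catch does not handle. A rejected type in the gateways file therefore propagates out of this method, whereas parseGatewaysFromYml catches Exception and logs. If failing hard on a bad file is intended, state that in a comment; otherwise catch and log the rejection here too. The Reader obtained from `ResourceUtils.read(file)` is also not closed in the visible lines, and a try-with-resources would address that.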
@@ -111,7 +117,12 @@ public class UninstrumentedGatewaysConfig extends ConfigChangeWatcher {
private
GatewayInfos
parseGatewaysFromYml
(
final
String
ymlContent
)
{
try
{
return
new
Yaml
(
new
Constructor
(
GatewayInfos
.
class
)).
loadAs
(
ymlContent
,
GatewayInfos
.
class
);
return
new
Yaml
(
new
ClassFilterConstructor
(
new
Class
[]
{
GatewayInfos
.
class
,
GatewayInfo
.
class
,
GatewayInstanceInfo
.
class
,
}))
.
loadAs
(
ymlContent
,
GatewayInfos
.
class
);
}
catch
(
Exception
e
)
{
log
.
error
(
"Failed to parse yml content as gateways: \n{}"
,
ymlContent
,
e
);
}
...
...
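Review bot: The allow-list `new Class[] {GatewayInfos.class, GatewayInfo.class, GatewayInstanceInfo.class}` in parseGatewaysFromYml repeats the one in parseGatewaysFromFile verbatim; extract it into a single `private static final` constant so the two parsers cannot drift apart when a gateway type is added. Separately, the error path passes the whole `ymlContent` to `log.error`, and in this method that is the dynamically delivered configuration value; logging the exception message and a bounded excerpt would keep hostile or very large input out of the log.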
oap-server/analyzer/agent-analyzer/src/test/java/org/apache/skywalking/oap/server/analyzer/provider/trace/UninstrumentedGatewaysConfigTest.java
0 → 100644
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package
org.apache.skywalking.oap.server.analyzer.provider.trace
;
import
org.apache.skywalking.oap.server.library.module.ModuleConfig
;
import
org.apache.skywalking.oap.server.library.module.ModuleDefine
;
import
org.apache.skywalking.oap.server.library.module.ModuleProvider
;
import
org.apache.skywalking.oap.server.library.module.ModuleStartException
;
import
org.apache.skywalking.oap.server.library.module.ServiceNotProvidedException
;
import
org.junit.Assert
;
import
org.junit.Test
;
import
org.powermock.reflect.Whitebox
;
public
class
UninstrumentedGatewaysConfigTest
{
@Test
public
void
testParseGatewayYAML
()
throws
Exception
{
final
UninstrumentedGatewaysConfig
uninstrumentedGatewaysConfig
=
new
UninstrumentedGatewaysConfig
(
new
MockProvider
());
UninstrumentedGatewaysConfig
.
GatewayInfos
gatewayInfos
=
Whitebox
.
invokeMethod
(
uninstrumentedGatewaysConfig
,
"parseGatewaysFromFile"
,
"gateways.yml"
);
Assert
.
assertEquals
(
1
,
gatewayInfos
.
getGateways
().
size
());
}
private
static
class
MockProvider
extends
ModuleProvider
{
@Override
public
String
name
()
{
return
null
;
}
@Override
public
Class
<?
extends
ModuleDefine
>
module
()
{
return
null
;
}
@Override
public
ModuleConfig
createConfigBeanIfAbsent
()
{
return
null
;
}
@Override
public
void
prepare
()
throws
ServiceNotProvidedException
,
ModuleStartException
{
}
@Override
public
void
start
()
throws
ServiceNotProvidedException
,
ModuleStartException
{
}
@Override
public
void
notifyAfterCompleted
()
throws
ServiceNotProvidedException
,
ModuleStartException
{
}
@Override
public
String
[]
requiredModules
()
{
return
new
String
[
0
];
}
}
}
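Review bot: testParseGatewayYAML covers only the accepted case (gateways.yml parses to one gateway) and only through parseGatewaysFromFile. Nothing asserts that a document naming a class outside the allow-list is rejected, and parseGatewaysFromYml, which takes the YAML content as a string, is not exercised at all. Add a negative test that feeds a YAML string tagged with a non-accepted class to parseGatewaysFromYml and asserts that it is refused, so that a regression in ClassFilterConstructor is caught by the suite.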
oap-server/analyzer/agent-analyzer/src/test/resources/gateways.yml
0 → 100755
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
gateways
:
-
name
:
proxy0
instances
:
-
host
:
127.0.0.1
# the host/ip of this gateway instance
port
:
9099
# the port of this gateway instance, defaults to 80
oap-server/server-library/library-util/pom.xml
...
...
@@ -62,5 +62,9 @@
<groupId>
org.apache.commons
</groupId>
<artifactId>
commons-text
</artifactId>
</dependency>
<dependency>
<groupId>
org.yaml
</groupId>
<artifactId>
snakeyaml
</artifactId>
</dependency>
</dependencies>
</project>
oap-server/server-library/library-util/src/main/java/org/apache/skywalking/oap/server/library/util/yaml/ClassFilterConstructor.java
0 → 100644
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package
org.apache.skywalking.oap.server.library.util.yaml
;
import
lombok.RequiredArgsConstructor
;
import
org.yaml.snakeyaml.constructor.Constructor
;
/**
* Whitelist constructor implementation for YAML snake.
* Copied from Apache ShardingSphere.
*/
@RequiredArgsConstructor
public
final
class
ClassFilterConstructor
extends
Constructor
{
private
final
Class
<?>[]
acceptClasses
;
@Override
protected
Class
<?>
getClassForName
(
final
String
name
)
throws
ClassNotFoundException
{
for
(
Class
<?
extends
Object
>
each
:
acceptClasses
)
{
if
(
name
.
equals
(
each
.
getName
()))
{
return
super
.
getClassForName
(
name
);
}
}
throw
new
IllegalArgumentException
(
String
.
format
(
"Class is not accepted: %s"
,
name
));
}
}
\ No newline at end of file
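Review bot: `acceptClasses` is kept by reference from the Lombok-generated constructor and scanned linearly in getClassForName, so a caller that mutates the array afterwards changes the allow-list. Copying the accepted class names into an immutable `Set<String>` at construction would fix the list once the filter is built and reduce the check to one `contains` call. The method also declares `throws ClassNotFoundException` but signals rejection with IllegalArgumentException, which the Javadoc should state, and the file is missing its trailing newline.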