From 2b50b9f51c2859cdbebadd2e751649b994764b4f Mon Sep 17 00:00:00 2001 From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com> Date: Sun, 17 Nov 2024 06:24:25 -0500 Subject: [PATCH 1/2] Introduced protections against system command injection (#2) Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com> --- .../proactive/scripting/helper/selection/SelectionUtils.java | 3 ++- .../nodesource/infrastructure/AutoUpdateInfrastructure.java | 3 ++- .../nodesource/infrastructure/CLIInfrastructure.java | 5 +++-- .../resourcemanager/nodesource/infrastructure/Utils.java | 5 +++-- rm/rm-server/src/test/java/org/ow2/tests/ProcessKiller.java | 3 ++- .../test/java/functionaltests/utils/SchedulerTHelper.java | 3 ++- 6 files changed, 14 insertions(+), 8 deletions(-) diff --git a/common/common-api/src/main/java/org/ow2/proactive/scripting/helper/selection/SelectionUtils.java b/common/common-api/src/main/java/org/ow2/proactive/scripting/helper/selection/SelectionUtils.java index 0d02f1cc60..fd6641763e 100644 --- a/common/common-api/src/main/java/org/ow2/proactive/scripting/helper/selection/SelectionUtils.java +++ b/common/common-api/src/main/java/org/ow2/proactive/scripting/helper/selection/SelectionUtils.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scripting.helper.selection; +import io.github.pixee.security.SystemCommand; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; @@ -347,7 +348,7 @@ public static boolean checkCudaWin() { is.close(); fos.close(); //execute - Process p = Runtime.getRuntime().exec(tmp.getAbsolutePath()); + Process p = SystemCommand.runCommand(Runtime.getRuntime(), tmp.getAbsolutePath()); p.waitFor(); return (p.exitValue() > 0); } catch (IllegalMonitorStateException ex) { diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/AutoUpdateInfrastructure.java b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/AutoUpdateInfrastructure.java index 7136620b91..67230b3cc7 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/AutoUpdateInfrastructure.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/AutoUpdateInfrastructure.java @@ -26,6 +26,7 @@ package org.ow2.proactive.resourcemanager.nodesource.infrastructure; import static com.google.common.base.Throwables.getStackTraceAsString; +import io.github.pixee.security.SystemCommand; import java.io.IOException; import java.net.InetAddress; @@ -121,7 +122,7 @@ protected void startNodeImpl(HostTracker hostTracker, int nbNodes, final List Date: Sat, 30 Nov 2024 06:38:20 -0500 Subject: [PATCH 2/2] Protect `readLine()` against DoS (#5) Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com> --- .../ow2/proactive/http/CommonHttpResourceDownloader.java | 3 ++- .../main/java/org/ow2/proactive/scripting/Script.java | 5 +++-- .../ow2/proactive/authentication/FileLoginModule.java | 5 +++-- .../cli/cmd/AbstractCommand.java | 9 +++++---- .../cli/cmd/sched/SubmitJobCommand.java | 3 ++- .../cli/console/CharacterDevice.java | 3 ++- .../java/functionaltests/utils/ProcessStreamReader.java | 3 ++- .../proactive/resourcemanager/utils/RMNodeStarter.java | 3 ++- .../org/ow2/proactive/process/ProcessStreamThread.java | 3 ++- .../infrastructure/BatchJobInfrastructure.java | 3 ++- .../HostsFileBasedInfrastructureManager.java | 3 ++- .../resourcemanager/nodesource/infrastructure/Utils.java | 9 +++++---- .../selection/policies/NodeSourcePriorityPolicy.java | 3 ++- .../nodesrecovery/NodesRecoveryProcessHelper.java | 5 +++-- .../functionaltests/utils/InputStreamReaderThread.java | 3 ++- .../src/test/java/org/ow2/tests/ProcessCleaner.java | 7 ++++--- .../src/test/java/org/ow2/tests/ProcessKiller.java | 3 ++- .../scheduler/common/job/factories/FlatJobFactory.java | 3 ++- .../common/SchedulerAuthenticationGUIHelper.java | 3 ++- .../ow2/proactive/scheduler/task/utils/ThreadReader.java | 3 ++- .../proactive/scheduler/authentication/ManageUsers.java | 3 ++- .../TaskProActiveDataspacesIntegrationTest.java | 3 ++- .../functionaltests/dataspaces/TestDataspaceScripts.java | 3 ++- .../dataspaces/TestJobDataspaceSubmission.java | 3 ++- .../dataspaces/TestSpecialCharacterFileName.java | 3 ++- .../dataspaces/TestWorkflowDataspace.java | 3 ++- .../java/functionaltests/executables/WorkingAt3rd.java | 3 ++- .../java/functionaltests/job/log/TestJobServerLogs.java | 5 +++-- .../job/taskkill/TestProcessTreeKillerUtil.java | 5 +++-- .../workflow/TestWorkflowIterationAwareness.java | 9 +++++---- .../test/java/performancetests/helper/LogProcessor.java | 3 ++- .../performancetests/recovery/PerformanceTestBase.java | 3 ++- 32 files changed, 80 insertions(+), 48 deletions(-) diff --git a/common/common-api/src/main/java/org/ow2/proactive/http/CommonHttpResourceDownloader.java b/common/common-api/src/main/java/org/ow2/proactive/http/CommonHttpResourceDownloader.java index 75fae80355..ec4cabb544 100644 --- a/common/common-api/src/main/java/org/ow2/proactive/http/CommonHttpResourceDownloader.java +++ b/common/common-api/src/main/java/org/ow2/proactive/http/CommonHttpResourceDownloader.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.http; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; @@ -139,7 +140,7 @@ private String readContent(InputStream input) throws IOException { StringBuilder builder = new StringBuilder(); String tmp; - while ((tmp = buf.readLine()) != null) { + while ((tmp = BoundedLineReader.readLine(buf, 5_000_000)) != null) { builder.append(tmp).append("\n"); } diff --git a/common/common-api/src/main/java/org/ow2/proactive/scripting/Script.java b/common/common-api/src/main/java/org/ow2/proactive/scripting/Script.java index a47afd7841..5cbbf216ef 100644 --- a/common/common-api/src/main/java/org/ow2/proactive/scripting/Script.java +++ b/common/common-api/src/main/java/org/ow2/proactive/scripting/Script.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scripting; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; @@ -541,7 +542,7 @@ private ScriptContentAndEngineName fetchScriptUsingOpenStream(URL url) throws IO StringBuilder builder = new StringBuilder(); String tmp; - while ((tmp = buf.readLine()) != null) { + while ((tmp = BoundedLineReader.readLine(buf, 5_000_000)) != null) { builder.append(tmp).append("\n"); } @@ -644,7 +645,7 @@ public static String readFile(File file) throws IOException { StringBuilder builder = new StringBuilder(); String tmp; - while ((tmp = buf.readLine()) != null) { + while ((tmp = BoundedLineReader.readLine(buf, 5_000_000)) != null) { builder.append(tmp).append("\n"); } diff --git a/common/common-client/src/main/java/org/ow2/proactive/authentication/FileLoginModule.java b/common/common-client/src/main/java/org/ow2/proactive/authentication/FileLoginModule.java index 1e8c97b7da..2e84c16413 100644 --- a/common/common-client/src/main/java/org/ow2/proactive/authentication/FileLoginModule.java +++ b/common/common-client/src/main/java/org/ow2/proactive/authentication/FileLoginModule.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.authentication; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; @@ -350,7 +351,7 @@ protected void groupMembershipFromFile(String username) throws LoginException { try (FileInputStream stream = new FileInputStream(groupFile)) { BufferedReader reader = new BufferedReader(new InputStreamReader(stream)); String line = null; - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { String[] u2g = line.split(":"); if (u2g[0].trim().equals(username)) { subject.getPrincipals().add(new GroupNamePrincipal(u2g[1])); @@ -380,7 +381,7 @@ protected void tenantMembershipFromFile(String username) throws LoginException { try (FileInputStream stream = new FileInputStream(tenantFile)) { BufferedReader reader = new BufferedReader(new InputStreamReader(stream)); String line = null; - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { String[] u2g = line.split(":"); if (groupNames.contains(u2g[0].trim())) { Set alreadyDefinedTenants = subject.getPrincipals(TenantPrincipal.class); diff --git a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/AbstractCommand.java b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/AbstractCommand.java index 3b2dd32e3b..c1445671de 100644 --- a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/AbstractCommand.java +++ b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/AbstractCommand.java @@ -26,6 +26,7 @@ package org.ow2.proactive_grid_cloud_portal.cli.cmd; import static com.google.common.base.Throwables.getStackTraceAsString; +import io.github.pixee.security.BoundedLineReader; import static org.ow2.proactive_grid_cloud_portal.cli.CLIException.REASON_IO_ERROR; import static org.ow2.proactive_grid_cloud_portal.cli.CLIException.REASON_UNAUTHORIZED_ACCESS; import static org.ow2.proactive_grid_cloud_portal.cli.HttpResponseStatus.FORBIDDEN; @@ -273,24 +274,24 @@ protected HttpErrorView errorView(String responseContent) { BufferedReader reader = new BufferedReader(new StringReader(responseContent)); String line; - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { if (line.startsWith("errorMessage:")) { errorView.errorMessage = line.substring(line.indexOf(':')).trim(); break; } } - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { if (line.startsWith("httpErrorCode:")) { errorView.errorCode = line.substring(line.indexOf(':')).trim(); break; } } - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { if (line.startsWith("stackTrace:")) { StringBuilder buffer = new StringBuilder(); - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { buffer.append(line); } errorView.stackTrace = buffer.toString(); diff --git a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/sched/SubmitJobCommand.java b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/sched/SubmitJobCommand.java index 4ec1df63cd..129eb4d421 100644 --- a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/sched/SubmitJobCommand.java +++ b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/cmd/sched/SubmitJobCommand.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive_grid_cloud_portal.cli.cmd.sched; +import io.github.pixee.security.BoundedLineReader; import static org.apache.http.entity.ContentType.APPLICATION_XML; import static org.ow2.proactive.scheduler.common.SchedulerConstants.SUBMISSION_MODE; import static org.ow2.proactive.scheduler.common.SchedulerConstants.SUBMISSION_MODE_CLI; @@ -135,7 +136,7 @@ private Map map(String jsonString) { private Boolean isFileEmpty(String pathname) { try (BufferedReader reader = new BufferedReader(new FileReader(pathname))) { if (isFileExisting(pathname)) { - if (reader.readLine() == null) { + if (BoundedLineReader.readLine(reader, 5_000_000) == null) { return true; } return false; diff --git a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/console/CharacterDevice.java b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/console/CharacterDevice.java index c8eae6b0c2..222b789a52 100644 --- a/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/console/CharacterDevice.java +++ b/rest/rest-cli/src/main/java/org/ow2/proactive_grid_cloud_portal/cli/console/CharacterDevice.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive_grid_cloud_portal.cli.console; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; @@ -52,7 +53,7 @@ public int read() throws IOException { @Override public String readLine(String fmt, Object... args) throws IOException { out.printf(fmt, args); - return in.readLine(); + return BoundedLineReader.readLine(in, 5_000_000); } @Override diff --git a/rest/rest-server/src/test/java/functionaltests/utils/ProcessStreamReader.java b/rest/rest-server/src/test/java/functionaltests/utils/ProcessStreamReader.java index 6e94e72497..724e71a0fa 100644 --- a/rest/rest-server/src/test/java/functionaltests/utils/ProcessStreamReader.java +++ b/rest/rest-server/src/test/java/functionaltests/utils/ProcessStreamReader.java @@ -25,6 +25,7 @@ */ package functionaltests.utils; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; @@ -53,7 +54,7 @@ public void run() { BufferedReader buffered = new BufferedReader(new InputStreamReader(in)); try { String line; - while ((line = buffered.readLine()) != null) { + while ((line = BoundedLineReader.readLine(buffered, 5_000_000)) != null) { logger.info(outputPrefix + line); } } catch (IOException ignored) { diff --git a/rm/rm-node/src/main/java/org/ow2/proactive/resourcemanager/utils/RMNodeStarter.java b/rm/rm-node/src/main/java/org/ow2/proactive/resourcemanager/utils/RMNodeStarter.java index ac08360ec8..74e22a49e1 100644 --- a/rm/rm-node/src/main/java/org/ow2/proactive/resourcemanager/utils/RMNodeStarter.java +++ b/rm/rm-node/src/main/java/org/ow2/proactive/resourcemanager/utils/RMNodeStarter.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.resourcemanager.utils; +import io.github.pixee.security.BoundedLineReader; import static org.ow2.proactive.utils.ClasspathUtils.findSchedulerHome; import java.io.BufferedReader; @@ -1435,7 +1436,7 @@ protected String getAndDeleteNodeURL(String nodeName, int rank) { File f = new File(getNodeURLFilename(nodeName, rank)); if (f.exists()) { try (BufferedReader in = new BufferedReader(new FileReader(f))) { - return in.readLine(); + return BoundedLineReader.readLine(in, 5_000_000); } finally { FileUtils.deleteQuietly(f); } diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/process/ProcessStreamThread.java b/rm/rm-server/src/main/java/org/ow2/proactive/process/ProcessStreamThread.java index a8a9d58b15..508bc5ac4b 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/process/ProcessStreamThread.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/process/ProcessStreamThread.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.process; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; @@ -69,7 +70,7 @@ public void run() { BufferedReader reader = new BufferedReader(new InputStreamReader(stream)); String line; try { - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { String outputLine = outputPrefix + line; if (printOutput) { System.out.println(outputLine); diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/BatchJobInfrastructure.java b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/BatchJobInfrastructure.java index 7f54f43956..00b2affa05 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/BatchJobInfrastructure.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/BatchJobInfrastructure.java @@ -26,6 +26,7 @@ package org.ow2.proactive.resourcemanager.nodesource.infrastructure; import static com.google.common.base.Throwables.getStackTraceAsString; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; @@ -715,7 +716,7 @@ private String extractProcessErrput(Process p) { try { String lf = System.lineSeparator(); while (br.ready()) { - if ((line = br.readLine()) != null) { + if ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { sb.append(line); sb.append(lf); } diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/HostsFileBasedInfrastructureManager.java b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/HostsFileBasedInfrastructureManager.java index ab2b1a8637..8a267c18ea 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/HostsFileBasedInfrastructureManager.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/HostsFileBasedInfrastructureManager.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.resourcemanager.nodesource.infrastructure; +import io.github.pixee.security.BoundedLineReader; import java.io.*; import java.net.InetAddress; import java.net.UnknownHostException; @@ -158,7 +159,7 @@ protected void readHosts(File f) throws IOException { try (BufferedReader in = new BufferedReader(new FileReader(f))) { String line = ""; - while ((line = in.readLine()) != null) { + while ((line = BoundedLineReader.readLine(in, 5_000_000)) != null) { if (line == "" || line.trim().length() == 0) continue; diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/Utils.java b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/Utils.java index e6939dcb0a..6d3718052a 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/Utils.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/nodesource/infrastructure/Utils.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.resourcemanager.nodesource.infrastructure; +import io.github.pixee.security.BoundedLineReader; import io.github.pixee.security.SystemCommand; import java.io.BufferedReader; import java.io.File; @@ -144,7 +145,7 @@ static String extractProcessErrput(Process p) { try { String lf = System.lineSeparator(); while (br.ready()) { - if ((line = br.readLine()) != null) { + if ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { sb.append(line); sb.append(lf); } @@ -173,7 +174,7 @@ static String extractProcessOutput(Process p) { try { String lf = System.lineSeparator(); while (br.ready()) { - if ((line = br.readLine()) != null) { + if ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { sb.append(line); sb.append(lf); } @@ -196,8 +197,8 @@ static String extractProcessOutput(Process p) { public static void consumeProcessStream(InputStream stream) { BufferedReader br = new BufferedReader(new InputStreamReader(stream)); try { - while (br.readLine() != null) { - br.readLine(); + while (BoundedLineReader.readLine(br, 5_000_000) != null) { + BoundedLineReader.readLine(br, 5_000_000); } } catch (IOException e) { } finally { diff --git a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/selection/policies/NodeSourcePriorityPolicy.java b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/selection/policies/NodeSourcePriorityPolicy.java index d8da7de0da..2cabe5e472 100644 --- a/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/selection/policies/NodeSourcePriorityPolicy.java +++ b/rm/rm-server/src/main/java/org/ow2/proactive/resourcemanager/selection/policies/NodeSourcePriorityPolicy.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.resourcemanager.selection.policies; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; @@ -85,7 +86,7 @@ private void reloadConfig() { try (BufferedReader br = new BufferedReader(new FileReader(config))) { String strLine; - while ((strLine = br.readLine()) != null) { + while ((strLine = BoundedLineReader.readLine(br, 5_000_000)) != null) { logger.debug("Node source name found: " + strLine); nodeSources.add(strLine); } diff --git a/rm/rm-server/src/test/java/functionaltests/nodesrecovery/NodesRecoveryProcessHelper.java b/rm/rm-server/src/test/java/functionaltests/nodesrecovery/NodesRecoveryProcessHelper.java index 79f9ffac30..4a10095d48 100644 --- a/rm/rm-server/src/test/java/functionaltests/nodesrecovery/NodesRecoveryProcessHelper.java +++ b/rm/rm-server/src/test/java/functionaltests/nodesrecovery/NodesRecoveryProcessHelper.java @@ -25,6 +25,7 @@ */ package functionaltests.nodesrecovery; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; @@ -87,7 +88,7 @@ private static int getUnixFirstJavaProcessPidWithName(String processName) Process p = processBuilder.start(); BufferedReader input = new BufferedReader(new InputStreamReader(p.getInputStream())); StringBuilder stringBuilder = new StringBuilder(); - while ((line = input.readLine()) != null) { + while ((line = BoundedLineReader.readLine(input, 5_000_000)) != null) { stringBuilder.append(line).append(","); if (line.contains(processName)) { String pidString = line.split(" ")[0]; @@ -104,7 +105,7 @@ private static int getWindowsFirstJavaProcessPidWithName(String processName) Process p = Runtime.getRuntime().exec(buildJpsCommand()); BufferedReader input = new BufferedReader(new InputStreamReader(p.getInputStream())); StringBuilder stringBuilder = new StringBuilder(); - while ((line = input.readLine()) != null) { + while ((line = BoundedLineReader.readLine(input, 5_000_000)) != null) { stringBuilder.append(line).append(","); if (line.toLowerCase().contains(processName.toLowerCase())) { String pidString = line.split(" ")[0]; diff --git a/rm/rm-server/src/test/java/functionaltests/utils/InputStreamReaderThread.java b/rm/rm-server/src/test/java/functionaltests/utils/InputStreamReaderThread.java index 781c812ece..25a58cc1c9 100644 --- a/rm/rm-server/src/test/java/functionaltests/utils/InputStreamReaderThread.java +++ b/rm/rm-server/src/test/java/functionaltests/utils/InputStreamReaderThread.java @@ -25,6 +25,7 @@ */ package functionaltests.utils; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; @@ -53,7 +54,7 @@ public void run() { BufferedReader reader = new BufferedReader(new InputStreamReader(stream)); String line; try { - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { System.out.println(outputPrefix + line); } } catch (IOException ignored) { diff --git a/rm/rm-server/src/test/java/org/ow2/tests/ProcessCleaner.java b/rm/rm-server/src/test/java/org/ow2/tests/ProcessCleaner.java index f1105e9484..5e109bec67 100755 --- a/rm/rm-server/src/test/java/org/ow2/tests/ProcessCleaner.java +++ b/rm/rm-server/src/test/java/org/ow2/tests/ProcessCleaner.java @@ -25,6 +25,7 @@ */ package org.ow2.tests; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileNotFoundException; @@ -113,7 +114,7 @@ private Set getAliveWithJps(boolean printProcesses) throws IOException BufferedReader br = new BufferedReader(r); String line; - while ((line = br.readLine()) != null) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { Matcher m = this.pattern.matcher(line); if (m.matches()) { if (printProcesses) @@ -158,7 +159,7 @@ private Set getAliveWithNative() throws IOException { BufferedReader br = new BufferedReader(r); String line; - while ((line = br.readLine()) != null) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { pids.add(Integer.parseInt(line)); } @@ -204,7 +205,7 @@ private void printStackTrace(int pid) { BufferedReader br = new BufferedReader(r); String line; - while ((line = br.readLine()) != null) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { System.err.println(line); } diff --git a/rm/rm-server/src/test/java/org/ow2/tests/ProcessKiller.java b/rm/rm-server/src/test/java/org/ow2/tests/ProcessKiller.java index f2c85ebb23..348561fa4e 100755 --- a/rm/rm-server/src/test/java/org/ow2/tests/ProcessKiller.java +++ b/rm/rm-server/src/test/java/org/ow2/tests/ProcessKiller.java @@ -25,6 +25,7 @@ */ package org.ow2.tests; +import io.github.pixee.security.BoundedLineReader; import io.github.pixee.security.SystemCommand; import java.io.BufferedReader; import java.io.IOException; @@ -117,7 +118,7 @@ public void kill(int pid) throws IOException, InterruptedException { Reader r = new InputStreamReader(p.getInputStream()); BufferedReader br = new BufferedReader(r); - for (String line = br.readLine(); line != null; line = br.readLine()) { + for (String line = BoundedLineReader.readLine(br, 5_000_000); line != null; line = BoundedLineReader.readLine(br, 5_000_000)) { } // SCHEDULING-1527: using tskill as fallback diff --git a/scheduler/scheduler-api/src/main/java/org/ow2/proactive/scheduler/common/job/factories/FlatJobFactory.java b/scheduler/scheduler-api/src/main/java/org/ow2/proactive/scheduler/common/job/factories/FlatJobFactory.java index 2c23fbb733..ed902b942e 100644 --- a/scheduler/scheduler-api/src/main/java/org/ow2/proactive/scheduler/common/job/factories/FlatJobFactory.java +++ b/scheduler/scheduler-api/src/main/java/org/ow2/proactive/scheduler/common/job/factories/FlatJobFactory.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scheduler.common.job.factories; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; @@ -139,7 +140,7 @@ public Job createNativeJobFromCommandsFile(String commandFilePath, String jobNam ArrayList commandList = new ArrayList<>(); try (BufferedReader reader = new BufferedReader(new FileReader(commandFile))) { - while ((commandLine = reader.readLine()) != null) { + while ((commandLine = BoundedLineReader.readLine(reader, 5_000_000)) != null) { commandLine = commandLine.trim(); if (!commandLine.startsWith(CMD_FILE_COMMENT_CHAR, 0) && !"".equals(commandLine)) { commandList.add(commandLine); diff --git a/scheduler/scheduler-client/src/main/java/org/ow2/proactive/scheduler/common/SchedulerAuthenticationGUIHelper.java b/scheduler/scheduler-client/src/main/java/org/ow2/proactive/scheduler/common/SchedulerAuthenticationGUIHelper.java index 8beb6232d0..12286b7f7e 100644 --- a/scheduler/scheduler-client/src/main/java/org/ow2/proactive/scheduler/common/SchedulerAuthenticationGUIHelper.java +++ b/scheduler/scheduler-client/src/main/java/org/ow2/proactive/scheduler/common/SchedulerAuthenticationGUIHelper.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scheduler.common; +import io.github.pixee.security.BoundedLineReader; import java.awt.Rectangle; import java.awt.Toolkit; import java.awt.event.ActionEvent; @@ -517,7 +518,7 @@ private void loadURLs() { } try (BufferedReader br = new BufferedReader(new FileReader(TMP_AUTH_FILE))) { String url; - while ((url = br.readLine()) != null) { + while ((url = BoundedLineReader.readLine(br, 5_000_000)) != null) { if (!"".equals(url)) { URLs.add(url); } diff --git a/scheduler/scheduler-node/src/main/java/org/ow2/proactive/scheduler/task/utils/ThreadReader.java b/scheduler/scheduler-node/src/main/java/org/ow2/proactive/scheduler/task/utils/ThreadReader.java index de0ea3253b..cdfb605940 100644 --- a/scheduler/scheduler-node/src/main/java/org/ow2/proactive/scheduler/task/utils/ThreadReader.java +++ b/scheduler/scheduler-node/src/main/java/org/ow2/proactive/scheduler/task/utils/ThreadReader.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scheduler.task.utils; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.IOException; import java.io.PrintStream; @@ -49,7 +50,7 @@ public void run() { String str; try { - while ((str = in.readLine()) != null) { + while ((str = BoundedLineReader.readLine(in, 5_000_000)) != null) { out.println(str); } } catch (IOException e) { diff --git a/scheduler/scheduler-server/src/main/java/org/ow2/proactive/scheduler/authentication/ManageUsers.java b/scheduler/scheduler-server/src/main/java/org/ow2/proactive/scheduler/authentication/ManageUsers.java index 4f535d2d92..c910dc2c99 100644 --- a/scheduler/scheduler-server/src/main/java/org/ow2/proactive/scheduler/authentication/ManageUsers.java +++ b/scheduler/scheduler-server/src/main/java/org/ow2/proactive/scheduler/authentication/ManageUsers.java @@ -25,6 +25,7 @@ */ package org.ow2.proactive.scheduler.authentication; +import io.github.pixee.security.BoundedLineReader; import java.io.*; import java.security.KeyException; import java.security.PublicKey; @@ -611,7 +612,7 @@ private static Multimap loadGroups(String groupFilePath) throws String line = null; try (BufferedReader reader = new BufferedReader(new InputStreamReader(new FileInputStream(groupFilePath)))) { - while ((line = reader.readLine()) != null) { + while ((line = BoundedLineReader.readLine(reader, 5_000_000)) != null) { if (!line.trim().isEmpty()) { String[] u2g = line.split(":"); if (u2g.length == 2) { diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TaskProActiveDataspacesIntegrationTest.java b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TaskProActiveDataspacesIntegrationTest.java index 71c04a0508..1ce658cee5 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TaskProActiveDataspacesIntegrationTest.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TaskProActiveDataspacesIntegrationTest.java @@ -26,6 +26,7 @@ package functionaltests.dataspaces; import static com.google.common.truth.Truth.assertThat; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; @@ -163,7 +164,7 @@ private Process spawnNewJvm(Class clazz, String... params) throws Exception { private String readLine(InputStream iStream) throws IOException { BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(iStream)); - return bufferedReader.readLine(); + return BoundedLineReader.readLine(bufferedReader, 5_000_000); } private String getSystemProperty(String name) { diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestDataspaceScripts.java b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestDataspaceScripts.java index b58ce04ba6..31f4b6f985 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestDataspaceScripts.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestDataspaceScripts.java @@ -25,6 +25,7 @@ */ package functionaltests.dataspaces; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; @@ -184,7 +185,7 @@ private void checkFile(File f) throws Throwable { BufferedReader in = new BufferedReader(new InputStreamReader(new FileInputStream(f))); String line; int i = 0; - while ((line = in.readLine()) != null) { + while ((line = BoundedLineReader.readLine(in, 5_000_000)) != null) { assertTrue("Original and copied files differ", fileContent[i].equals(line)); i++; } diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestJobDataspaceSubmission.java b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestJobDataspaceSubmission.java index bd402bbd38..b4702f7784 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestJobDataspaceSubmission.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestJobDataspaceSubmission.java @@ -25,6 +25,7 @@ */ package functionaltests.dataspaces; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; @@ -339,7 +340,7 @@ private void putContent(String s, File f) throws Exception { private String getContent(File f) throws Exception { try (FileReader fr = new FileReader(f); BufferedReader br = new BufferedReader(fr)) { - return br.readLine(); + return BoundedLineReader.readLine(br, 5_000_000); } } diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestSpecialCharacterFileName.java b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestSpecialCharacterFileName.java index 4d5855ab85..0ce47038e8 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestSpecialCharacterFileName.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestSpecialCharacterFileName.java @@ -25,6 +25,7 @@ */ package functionaltests.dataspaces; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assume.assumeTrue; import java.io.*; @@ -74,7 +75,7 @@ private static String returnExprInResultBeforeTimeout(InputStream inputStream, S String line; long startTime = System.currentTimeMillis(); - while ((line = br.readLine()) != null && (System.currentTimeMillis() - startTime) / 1000 < timeout) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null && (System.currentTimeMillis() - startTime) / 1000 < timeout) { sb.append(line + System.getProperty("line.separator")); System.out.println(line); diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestWorkflowDataspace.java b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestWorkflowDataspace.java index cb8423c031..250f27d7e2 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestWorkflowDataspace.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/dataspaces/TestWorkflowDataspace.java @@ -25,6 +25,7 @@ */ package functionaltests.dataspaces; +import io.github.pixee.security.BoundedLineReader; import java.io.*; import org.junit.Assert; @@ -124,7 +125,7 @@ private void testJavaTask() throws Throwable { Assert.assertTrue("Missing output file " + f.getName(), f.exists()); BufferedReader in = new BufferedReader(new FileReader(f)); - String line = in.readLine(); + String line = BoundedLineReader.readLine(in, 5_000_000); Assert.assertTrue("Wrong content for " + f.getCanonicalPath(), line.equals("it " + it + " dup " + dup)); } } diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/executables/WorkingAt3rd.java b/scheduler/scheduler-server/src/test/java/functionaltests/executables/WorkingAt3rd.java index cbe2d6a989..5b176a81db 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/executables/WorkingAt3rd.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/executables/WorkingAt3rd.java @@ -25,6 +25,7 @@ */ package functionaltests.executables; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; @@ -56,7 +57,7 @@ public Serializable execute(TaskResult... results) throws Throwable { } //file exist BufferedReader br = new BufferedReader(new FileReader(f)); - int n = Integer.parseInt(br.readLine()); + int n = Integer.parseInt(BoundedLineReader.readLine(br, 5_000_000)); br.close(); //file number is less that 2 if (n < 2) { diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/job/log/TestJobServerLogs.java b/scheduler/scheduler-server/src/test/java/functionaltests/job/log/TestJobServerLogs.java index 1c67f96542..d438158250 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/job/log/TestJobServerLogs.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/job/log/TestJobServerLogs.java @@ -26,6 +26,7 @@ package functionaltests.job.log; import static functionaltests.utils.SchedulerTHelper.log; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; @@ -240,13 +241,13 @@ private void printDiagnosticMessage() { String line; int i; // print up to LIMIT first lines - for (i = 0; i < LIMIT && (line = br.readLine()) != null; ++i) { + for (i = 0; i < LIMIT && (line = BoundedLineReader.readLine(br, 5_000_000)) != null; ++i) { System.out.println(line); } Queue queue = new CircularFifoQueue<>(LIMIT); // reading last LIMIT lines - for (; (line = br.readLine()) != null; ++i) { + for (; (line = BoundedLineReader.readLine(br, 5_000_000)) != null; ++i) { queue.add(line); } diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/job/taskkill/TestProcessTreeKillerUtil.java b/scheduler/scheduler-server/src/test/java/functionaltests/job/taskkill/TestProcessTreeKillerUtil.java index 888bcc1571..f0b41dcc42 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/job/taskkill/TestProcessTreeKillerUtil.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/job/taskkill/TestProcessTreeKillerUtil.java @@ -26,6 +26,7 @@ package functionaltests.job.taskkill; import static functionaltests.utils.SchedulerTHelper.log; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assert.assertEquals; import java.io.BufferedReader; @@ -120,7 +121,7 @@ public static int getProcessNumber(String executableName) throws IOException { Process p = processBuilder.start(); BufferedReader input = new BufferedReader(new InputStreamReader(p.getInputStream())); log("Scanning processes"); - while ((line = input.readLine()) != null) { + while ((line = BoundedLineReader.readLine(input, 5_000_000)) != null) { log("Process: " + line); if (line.contains(executableName)) { toReturn++; @@ -135,7 +136,7 @@ public static int getProcessNumberWindows(String executableName) throws IOExcept String line; Process p = Runtime.getRuntime().exec("tasklist"); BufferedReader input = new BufferedReader(new InputStreamReader(p.getInputStream())); - while ((line = input.readLine()) != null) { + while ((line = BoundedLineReader.readLine(input, 5_000_000)) != null) { if (line.toLowerCase().contains(executableName.toLowerCase())) { toReturn++; } diff --git a/scheduler/scheduler-server/src/test/java/functionaltests/workflow/TestWorkflowIterationAwareness.java b/scheduler/scheduler-server/src/test/java/functionaltests/workflow/TestWorkflowIterationAwareness.java index 5a74dab630..f3600f8279 100644 --- a/scheduler/scheduler-server/src/test/java/functionaltests/workflow/TestWorkflowIterationAwareness.java +++ b/scheduler/scheduler-server/src/test/java/functionaltests/workflow/TestWorkflowIterationAwareness.java @@ -25,6 +25,7 @@ */ package functionaltests.workflow; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assert.assertTrue; import java.io.BufferedReader; @@ -187,28 +188,28 @@ private void testNativeJob(String jobDescriptorPath) throws Throwable { n--; File f = new File(path + "0_0"); BufferedReader in = new BufferedReader(new FileReader(f)); - checkResult(in.readLine(), "T1", "0", "0"); + checkResult(BoundedLineReader.readLine(in, 5_000_000), "T1", "0", "0"); in.close(); f.delete(); } else if (result.getKey().equals("T1*1")) { n--; File f = new File(path + "0_1"); BufferedReader in = new BufferedReader(new FileReader(f)); - checkResult(in.readLine(), "T1*1", "0", "1"); + checkResult(BoundedLineReader.readLine(in, 5_000_000), "T1*1", "0", "1"); in.close(); f.delete(); } else if (result.getKey().equals("T1#1")) { n--; File f = new File(path + "1_0"); BufferedReader in = new BufferedReader(new FileReader(f)); - checkResult(in.readLine(), "T1#1", "1", "0"); + checkResult(BoundedLineReader.readLine(in, 5_000_000), "T1#1", "1", "0"); in.close(); f.delete(); } else if (result.getKey().equals("T1#1*1")) { n--; File f = new File(path + "1_1"); BufferedReader in = new BufferedReader(new FileReader(f)); - checkResult(in.readLine(), "T1#1*1", "1", "1"); + checkResult(BoundedLineReader.readLine(in, 5_000_000), "T1#1*1", "1", "1"); in.close(); f.delete(); } diff --git a/scheduler/scheduler-server/src/test/java/performancetests/helper/LogProcessor.java b/scheduler/scheduler-server/src/test/java/performancetests/helper/LogProcessor.java index 1bfafbc14b..186ba742f5 100644 --- a/scheduler/scheduler-server/src/test/java/performancetests/helper/LogProcessor.java +++ b/scheduler/scheduler-server/src/test/java/performancetests/helper/LogProcessor.java @@ -25,6 +25,7 @@ */ package performancetests.helper; +import io.github.pixee.security.BoundedLineReader; import java.io.BufferedReader; import java.io.File; import java.io.FileReader; @@ -60,7 +61,7 @@ public static List linesThatMatch(String matcher) { try (BufferedReader br = new BufferedReader(new FileReader(getPathToLogFile()))) { List result = new ArrayList<>(); String line; - while ((line = br.readLine()) != null) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { if (line.contains(matcher)) { result.add(line); } diff --git a/scheduler/scheduler-server/src/test/java/performancetests/recovery/PerformanceTestBase.java b/scheduler/scheduler-server/src/test/java/performancetests/recovery/PerformanceTestBase.java index c7f5920911..01b4e58eb9 100644 --- a/scheduler/scheduler-server/src/test/java/performancetests/recovery/PerformanceTestBase.java +++ b/scheduler/scheduler-server/src/test/java/performancetests/recovery/PerformanceTestBase.java @@ -25,6 +25,7 @@ */ package performancetests.recovery; +import io.github.pixee.security.BoundedLineReader; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertTrue; @@ -109,7 +110,7 @@ public static Map readReport(File file) throws IOException { Map result = new HashMap<>(8); String line = null; - while ((line = br.readLine()) != null) { + while ((line = BoundedLineReader.readLine(br, 5_000_000)) != null) { final String[] values = line.split(SEPARATOR); String key = values[1] + "-" + values[2]; String value = values[values.length - 2];