Skip to content

Commit

Permalink
Ensure we protect Collections obtained from scripts from self-referen…
Browse files Browse the repository at this point in the history 
…cing (elastic/x-pack-elasticsearch#3681)

Self referencing maps can cause SOE if they are iterated ie. in their toString methods. This chance adds some protected to the usage of those collections.
see elastic#28335

Original commit: elastic/x-pack-elasticsearch@c4f1089
  • Loading branch information
@s1monw
s1monw authored Jan 23, 2018
1 parent 215f9af commit 63c0e28
Show file tree
Hide file tree
Showing 2 changed files with 83 additions and 4 deletions.
13 changes: 9 additions & 4 deletions ...rg/elasticsearch/xpack/watcher/transport/actions/execute/TransportExecuteWatchAction.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
import org.elasticsearch.cluster.routing.Preference;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.AbstractRunnable;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.common.xcontent.XContentType;
Expand Down Expand Up @@ -109,8 +110,14 @@ protected void doExecute(ExecuteWatchRequest request, ActionListener<ExecuteWatc
private void executeWatch(ExecuteWatchRequest request, ActionListener<ExecuteWatchResponse> listener,
Watch watch, boolean knownWatch) {

threadPool.executor(XPackField.WATCHER).submit(() -> {
try {
threadPool.executor(XPackField.WATCHER).submit(new AbstractRunnable() {
@Override
public void onFailure(Exception e) {
listener.onFailure(e);
}

@Override
protected void doRun() throws Exception {
// ensure that the headers from the incoming request are used instead those of the stored watch
// otherwise the watch would run as the user who stored the watch, but it needs to be run as the user who
// executes this request
Expand Down Expand Up @@ -141,8 +148,6 @@ private void executeWatch(ExecuteWatchRequest request, ActionListener<ExecuteWat

record.toXContent(builder, WatcherParams.builder().hideSecrets(true).debug(request.isDebug()).build());
listener.onResponse(new ExecuteWatchResponse(record.id().value(), builder.bytes(), XContentType.JSON));
} catch (IOException e) {
listener.onFailure(e);
}
});
}
Expand Down
74 changes: 74 additions & 0 deletions ...her-with-painless/src/test/resources/rest-api-spec/test/watcher_painless/40_exception.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,77 @@
- is_true: error.script_stack
- match: { status: 500 }

---
"Test painless exceptions are returned when logging a broken response":
- do:
cluster.health:
wait_for_status: green

- do:
xpack.watcher.execute_watch:
body: >
{
"watch" : {
"trigger": {
"schedule": {
"interval": "1d"
}
},
"input": {
"simple": {
"foo": "bar"
}
},
"actions": {
"my-logging": {
"transform": {
"script": {
"source": "def x = [:] ; def y = [:] ; x.a = y ; y.a = x ; return x"
}
},
"logging": {
"text": "{{ctx}}"
}
}
}
}
}
- match: { watch_record.watch_id: "_inlined_" }
- match: { watch_record.trigger_event.type: "manual" }
- match: { watch_record.state: "executed" }
- match: { watch_record.result.actions.0.status: "failure" }
- match: { watch_record.result.actions.0.error.caused_by.caused_by.type: "illegal_argument_exception" }
- match: { watch_record.result.actions.0.error.caused_by.caused_by.reason: "Iterable object is self-referencing itself" }

- do:
catch: bad_request
xpack.watcher.execute_watch:
body: >
{
"watch": {
"trigger": {
"schedule": {
"interval": "10s"
}
},
"input": {
"simple": {
"foo": "bar"
}
},
"actions": {
"my-logging": {
"transform": {
"script": {
"source": "def x = [:] ; def y = [:] ; x.a = y ; y.a = x ; return x"
}
},
"logging": {
"text": "{{#join}}ctx.payload{{/join}}"
}
}
}
}
}

0 comments on commit 63c0e28

Please sign in to comment.