Skip to content

Commit

Permalink
Ensure jackson default maximums introduced in 2.16.0 do not conflict …
Browse files Browse the repository at this point in the history
…with OpenSearch settings

Signed-off-by: Andriy Redko <[email protected]>
  • Loading branch information
reta committed Jan 8, 2024
1 parent e948c40 commit e7d1623
Show file tree
Hide file tree
Showing 50 changed files with 174 additions and 47 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Add task completion count in search backpressure stats API ([#10028](https://github.com/opensearch-project/OpenSearch/pull/10028/))
- Deprecate CamelCase `PathHierarchy` tokenizer name in favor to lowercase `path_hierarchy` ([#10894](https://github.com/opensearch-project/OpenSearch/pull/10894))
- Switched to more reliable OpenSearch Lucene snapshot location([#11728](https://github.com/opensearch-project/OpenSearch/pull/11728))
- Ensure jackson default maximums introduced in 2.16.0 do not conflict with OpenSearch settings ([#11890](https://github.com/opensearch-project/OpenSearch/pull/11890))

### Deprecated

Expand Down
4 changes: 2 additions & 2 deletions buildSrc/version.properties
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ bundled_jdk = 21.0.1+12
# optional dependencies
spatial4j = 0.7
jts = 1.15.0
jackson = 2.16.0
jackson_databind = 2.16.0
jackson = 2.16.1
jackson_databind = 2.16.1
snakeyaml = 2.1
icu4j = 70.1
supercsv = 2.4.0
Expand Down
1 change: 0 additions & 1 deletion client/sniffer/licenses/jackson-core-2.16.0.jar.sha1

This file was deleted.

1 change: 1 addition & 0 deletions client/sniffer/licenses/jackson-core-2.16.1.jar.sha1
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
9456bb3cdd0f79f91a5f730a1b1bb041a380c91f

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
fd441d574a71e7d10a4f73de6609f881d8cdfeec

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
02a16efeb840c45af1e2f31753dfe76795278b73
1 change: 0 additions & 1 deletion libs/core/licenses/jackson-core-2.16.0.jar.sha1

This file was deleted.

1 change: 1 addition & 0 deletions libs/core/licenses/jackson-core-2.16.1.jar.sha1
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
9456bb3cdd0f79f91a5f730a1b1bb041a380c91f
1 change: 0 additions & 1 deletion libs/x-content/licenses/jackson-core-2.16.0.jar.sha1

This file was deleted.

1 change: 1 addition & 0 deletions libs/x-content/licenses/jackson-core-2.16.1.jar.sha1
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
9456bb3cdd0f79f91a5f730a1b1bb041a380c91f

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
1be7098dccc079171464dca7e386bd8df623b031

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
c4ddbc5277670f2e56b1f5e44e83afa748bcb125

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
8e4f1923d73cd55f2b4c0d56ee4ed80419297354
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
/*
* SPDX-License-Identifier: Apache-2.0
*
* The OpenSearch Contributors require contributions made to
* this file be licensed under the Apache-2.0 license or a
* compatible open source license.
*/

package org.opensearch.common.xcontent;

import com.fasterxml.jackson.core.StreamReadConstraints;

import org.opensearch.common.annotation.InternalApi;

/**
* Consolidates the XContent constraints (primarily reflecting Jackson's {@link StreamReadConstraints} constraints)
*
* @opensearch.internal
*/
@InternalApi
public interface XContentContraints {
final int DEFAULT_MAX_STRING_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.string.length.max", "50000000" /* ~50 Mb */)
);

final int DEFAULT_MAX_NAME_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.name.length.max", Integer.toString(StreamReadConstraints.DEFAULT_MAX_NAME_LEN) /* 50000 */)
);

final int DEFAULT_MAX_DEPTH = Integer.parseInt(
System.getProperty("opensearch.xcontent.depth.max", Integer.toString(StreamReadConstraints.DEFAULT_MAX_DEPTH) /* 1000 */)
);
}
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import com.fasterxml.jackson.core.StreamReadFeature;
import com.fasterxml.jackson.dataformat.cbor.CBORFactory;

import org.opensearch.common.xcontent.XContentContraints;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.DeprecationHandler;
import org.opensearch.core.xcontent.MediaType;
Expand All @@ -58,11 +59,7 @@
/**
* A CBOR based content implementation using Jackson.
*/
public class CborXContent implements XContent {
public static final int DEFAULT_MAX_STRING_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.string.length.max", "50000000" /* ~50 Mb */)
);

public class CborXContent implements XContent, XContentContraints {
public static XContentBuilder contentBuilder() throws IOException {
return XContentBuilder.builder(cborXContent);
}
Expand All @@ -76,7 +73,13 @@ public static XContentBuilder contentBuilder() throws IOException {
// Do not automatically close unclosed objects/arrays in com.fasterxml.jackson.dataformat.cbor.CBORGenerator#close() method
cborFactory.configure(JsonGenerator.Feature.AUTO_CLOSE_JSON_CONTENT, false);
cborFactory.configure(JsonParser.Feature.STRICT_DUPLICATE_DETECTION, true);
cborFactory.setStreamReadConstraints(StreamReadConstraints.builder().maxStringLength(DEFAULT_MAX_STRING_LEN).build());
cborFactory.setStreamReadConstraints(
StreamReadConstraints.builder()
.maxStringLength(DEFAULT_MAX_STRING_LEN)
.maxNameLength(DEFAULT_MAX_NAME_LEN)
.maxNestingDepth(DEFAULT_MAX_DEPTH)
.build()
);
cborFactory.configure(StreamReadFeature.USE_FAST_DOUBLE_PARSER.mappedFeature(), true);
cborXContent = new CborXContent();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import com.fasterxml.jackson.core.StreamReadConstraints;
import com.fasterxml.jackson.core.StreamReadFeature;

import org.opensearch.common.xcontent.XContentContraints;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.DeprecationHandler;
import org.opensearch.core.xcontent.MediaType;
Expand All @@ -57,11 +58,7 @@
/**
* A JSON based content implementation using Jackson.
*/
public class JsonXContent implements XContent {
public static final int DEFAULT_MAX_STRING_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.string.length.max", "50000000" /* ~50 Mb */)
);

public class JsonXContent implements XContent, XContentContraints {
public static XContentBuilder contentBuilder() throws IOException {
return XContentBuilder.builder(jsonXContent);
}
Expand All @@ -78,7 +75,13 @@ public static XContentBuilder contentBuilder() throws IOException {
// Do not automatically close unclosed objects/arrays in com.fasterxml.jackson.core.json.UTF8JsonGenerator#close() method
jsonFactory.configure(JsonGenerator.Feature.AUTO_CLOSE_JSON_CONTENT, false);
jsonFactory.configure(JsonParser.Feature.STRICT_DUPLICATE_DETECTION, true);
jsonFactory.setStreamReadConstraints(StreamReadConstraints.builder().maxStringLength(DEFAULT_MAX_STRING_LEN).build());
jsonFactory.setStreamReadConstraints(
StreamReadConstraints.builder()
.maxStringLength(DEFAULT_MAX_STRING_LEN)
.maxNameLength(DEFAULT_MAX_NAME_LEN)
.maxNestingDepth(DEFAULT_MAX_DEPTH)
.build()
);
jsonFactory.configure(StreamReadFeature.USE_FAST_DOUBLE_PARSER.mappedFeature(), true);
jsonXContent = new JsonXContent();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
import com.fasterxml.jackson.dataformat.smile.SmileFactory;
import com.fasterxml.jackson.dataformat.smile.SmileGenerator;

import org.opensearch.common.xcontent.XContentContraints;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.DeprecationHandler;
import org.opensearch.core.xcontent.MediaType;
Expand All @@ -58,11 +59,7 @@
/**
* A Smile based content implementation using Jackson.
*/
public class SmileXContent implements XContent {
public static final int DEFAULT_MAX_STRING_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.string.length.max", "50000000" /* ~50 Mb */)
);

public class SmileXContent implements XContent, XContentContraints {
public static XContentBuilder contentBuilder() throws IOException {
return XContentBuilder.builder(smileXContent);
}
Expand All @@ -78,7 +75,13 @@ public static XContentBuilder contentBuilder() throws IOException {
// Do not automatically close unclosed objects/arrays in com.fasterxml.jackson.dataformat.smile.SmileGenerator#close() method
smileFactory.configure(JsonGenerator.Feature.AUTO_CLOSE_JSON_CONTENT, false);
smileFactory.configure(JsonParser.Feature.STRICT_DUPLICATE_DETECTION, true);
smileFactory.setStreamReadConstraints(StreamReadConstraints.builder().maxStringLength(DEFAULT_MAX_STRING_LEN).build());
smileFactory.setStreamReadConstraints(
StreamReadConstraints.builder()
.maxStringLength(DEFAULT_MAX_STRING_LEN)
.maxNameLength(DEFAULT_MAX_NAME_LEN)
.maxNestingDepth(DEFAULT_MAX_DEPTH)
.build()
);
smileFactory.configure(StreamReadFeature.USE_FAST_DOUBLE_PARSER.mappedFeature(), true);
smileXContent = new SmileXContent();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
import com.fasterxml.jackson.core.StreamReadFeature;
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;

import org.opensearch.common.xcontent.XContentContraints;
import org.opensearch.common.xcontent.XContentType;
import org.opensearch.core.xcontent.DeprecationHandler;
import org.opensearch.core.xcontent.MediaType;
Expand All @@ -56,11 +57,7 @@
/**
* A YAML based content implementation using Jackson.
*/
public class YamlXContent implements XContent {
public static final int DEFAULT_MAX_STRING_LEN = Integer.parseInt(
System.getProperty("opensearch.xcontent.string.length.max", "50000000" /* ~50 Mb */)
);

public class YamlXContent implements XContent, XContentContraints {
public static XContentBuilder contentBuilder() throws IOException {
return XContentBuilder.builder(yamlXContent);
}
Expand All @@ -71,7 +68,13 @@ public static XContentBuilder contentBuilder() throws IOException {
static {
yamlFactory = new YAMLFactory();
yamlFactory.configure(JsonParser.Feature.STRICT_DUPLICATE_DETECTION, true);
yamlFactory.setStreamReadConstraints(StreamReadConstraints.builder().maxStringLength(DEFAULT_MAX_STRING_LEN).build());
yamlFactory.setStreamReadConstraints(
StreamReadConstraints.builder()
.maxStringLength(DEFAULT_MAX_STRING_LEN)
.maxNameLength(DEFAULT_MAX_NAME_LEN)
.maxNestingDepth(DEFAULT_MAX_DEPTH)
.build()
);
yamlFactory.configure(StreamReadFeature.USE_FAST_DOUBLE_PARSER.mappedFeature(), true);
yamlXContent = new YamlXContent();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
import org.opensearch.common.xcontent.cbor.CborXContent;
import org.opensearch.common.xcontent.json.JsonXContent;
import org.opensearch.common.xcontent.smile.SmileXContent;
import org.opensearch.common.xcontent.yaml.YamlXContent;
import org.opensearch.core.common.bytes.BytesReference;
import org.opensearch.core.xcontent.XContentBuilder;
import org.opensearch.core.xcontent.XContentParseException;
Expand Down Expand Up @@ -94,6 +95,28 @@ public class XContentParserTests extends OpenSearchTestCase {
() -> randomRealisticUnicodeOfCodepointLength(3145730)
);

private static final Map<XContentType, Supplier<String>> FIELD_NAME_GENERATORS = Map.of(
XContentType.JSON,
() -> randomAlphaOfLengthBetween(1, JsonXContent.DEFAULT_MAX_NAME_LEN),
XContentType.CBOR,
() -> randomAlphaOfLengthBetween(1, CborXContent.DEFAULT_MAX_NAME_LEN),
XContentType.SMILE,
() -> randomAlphaOfLengthBetween(1, SmileXContent.DEFAULT_MAX_NAME_LEN),
XContentType.YAML,
() -> randomAlphaOfLengthBetween(1, YamlXContent.DEFAULT_MAX_NAME_LEN)
);

private static final Map<XContentType, Supplier<String>> FIELD_NAME_OFF_LIMIT_GENERATORS = Map.of(
XContentType.JSON,
() -> randomAlphaOfLength(JsonXContent.DEFAULT_MAX_NAME_LEN + 1),
XContentType.CBOR,
() -> randomAlphaOfLength(CborXContent.DEFAULT_MAX_NAME_LEN + 1),
XContentType.SMILE,
() -> randomAlphaOfLength(SmileXContent.DEFAULT_MAX_NAME_LEN + 1),
XContentType.YAML,
() -> randomAlphaOfLength(YamlXContent.DEFAULT_MAX_NAME_LEN + 1)
);

public void testStringOffLimit() throws IOException {
final XContentType xContentType = randomFrom(XContentType.values());

Expand Down Expand Up @@ -155,6 +178,64 @@ public void testString() throws IOException {
}
}

public void testFieldNameOffLimit() throws IOException {
final XContentType xContentType = randomFrom(XContentType.values());

final String field = FIELD_NAME_OFF_LIMIT_GENERATORS.get(xContentType).get();
final String value = randomAlphaOfLengthBetween(1, 5);

try (XContentBuilder builder = XContentBuilder.builder(xContentType.xContent())) {
builder.startObject();
if (randomBoolean()) {
builder.field(field, value);
} else {
builder.field(field).value(value);
}
builder.endObject();

try (XContentParser parser = createParser(xContentType.xContent(), BytesReference.bytes(builder))) {
assertEquals(XContentParser.Token.START_OBJECT, parser.nextToken());
// See please https://github.com/FasterXML/jackson-dataformats-binary/issues/392, support
// for CBOR, Smile is coming
if (xContentType != XContentType.JSON) {
assertEquals(XContentParser.Token.FIELD_NAME, parser.nextToken());
assertEquals(field, parser.currentName());
assertEquals(XContentParser.Token.VALUE_STRING, parser.nextToken());
assertEquals(XContentParser.Token.END_OBJECT, parser.nextToken());
assertNull(parser.nextToken());
} else {
assertThrows(StreamConstraintsException.class, () -> parser.nextToken());
}
}
}
}

public void testFieldName() throws IOException {
final XContentType xContentType = randomFrom(XContentType.values());

final String field = FIELD_NAME_GENERATORS.get(xContentType).get();
final String value = randomAlphaOfLengthBetween(1, 5);

try (XContentBuilder builder = XContentBuilder.builder(xContentType.xContent())) {
builder.startObject();
if (randomBoolean()) {
builder.field(field, value);
} else {
builder.field(field).value(value);
}
builder.endObject();

try (XContentParser parser = createParser(xContentType.xContent(), BytesReference.bytes(builder))) {
assertEquals(XContentParser.Token.START_OBJECT, parser.nextToken());
assertEquals(XContentParser.Token.FIELD_NAME, parser.nextToken());
assertEquals(field, parser.currentName());
assertEquals(XContentParser.Token.VALUE_STRING, parser.nextToken());
assertEquals(XContentParser.Token.END_OBJECT, parser.nextToken());
assertNull(parser.nextToken());
}
}
}

public void testFloat() throws IOException {
final XContentType xContentType = randomFrom(XContentType.values());

Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
fd441d574a71e7d10a4f73de6609f881d8cdfeec

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
02a16efeb840c45af1e2f31753dfe76795278b73

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
fd441d574a71e7d10a4f73de6609f881d8cdfeec

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
02a16efeb840c45af1e2f31753dfe76795278b73

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
fd441d574a71e7d10a4f73de6609f881d8cdfeec

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
02a16efeb840c45af1e2f31753dfe76795278b73

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
fd441d574a71e7d10a4f73de6609f881d8cdfeec

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
02a16efeb840c45af1e2f31753dfe76795278b73

This file was deleted.

Loading

0 comments on commit e7d1623

Please sign in to comment.