Bug #9826

[API] crunch-dispatch crash on start

Added by Peter Amstutz over 4 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Target version:
Start date:
08/22/2016
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
0.5

Description

2016-08-21_20:46:04.48258 Called 'load' without the :safe option -- defaulting to safe mode.
2016-08-21_20:46:04.48261 You can avoid this warning in the future by setting the SafeYAML::OPTIONS[:default_mode] option (to :safe or :unsafe).
2016-08-21_20:46:06.01051 dispatch: ready
2016-08-21_20:46:06.05184 /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:341:in `block in start_jobs': Unknown crunch_job_wrapper: :slurm_immediate (RuntimeError)
2016-08-21_20:46:06.05190       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:313:in `each'
2016-08-21_20:46:06.05191       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:313:in `start_jobs'
2016-08-21_20:46:06.05192       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:814:in `run'
2016-08-21_20:46:06.05193       from ./script/crunch-dispatch.rb:13:in `<main>'
2016-08-21_20:46:06.11341 Stopping crunch-dispatch-jobs-0

Subtasks

Task #9828: Review 9826-config-symbolsResolvedNico César


Related issues

Related to Arvados - Story #9684: [Crunch2] [API] Add Workflow resourceResolved08/02/2016

Associated revisions

Revision 4b7c0f2a
Added by Tom Clegg over 4 years ago

Merge branch '9826-config-symbols'

closes #9826

History

#1 Updated by Peter Amstutz over 4 years ago

  • Subject changed from [API] crunch-dispatch broken YAML loading to [API] crunch-dispatch crash on start
  • Description updated (diff)

#2 Updated by Tom Morris over 4 years ago

Peter said on Jabber that this is cluster c97qk

#3 Updated by Tom Clegg over 4 years ago

  • Category set to API
  • Status changed from New to In Progress
  • Assigned To set to Tom Clegg
  • Story points set to 0.5

#4 Updated by Tom Clegg over 4 years ago

9826-config-symbols @ 1356cd6

#5 Updated by Tom Clegg over 4 years ago

  • Status changed from In Progress to Resolved

Applied in changeset arvados|commit:4b7c0f2aa4da6fdb25419a24d1a7f5b57ab35bfd.

#6 Updated by Nico César over 4 years ago

  • Status changed from Resolved to In Progress

test 1356cd61457b8a48ed879b97c5cd14eb4ccf0f29

from https://github.com/dtao/safe_yaml "Symbols receive special treatment in Ruby and are not garbage collected, which means deserializing them indiscriminately may render your site vulnerable to a DOS attack." But it doesn't explain what DoS attacks is it vulnerable to.

On the other hand, it LGTM since we had de-serialization before using gem yaml_safe (so we were vulnerable anyway). We even had external command execution in application.yml, that caused overhead every time the file got read (like cron executions)

Ready to merge.

#7 Updated by Nico César over 4 years ago

  • Status changed from In Progress to Resolved

Also available in: Atom PDF