Project

General

Profile

Actions

Bug #9826

closed

[API] crunch-dispatch crash on start

Added by Peter Amstutz over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Target version:
Story points:
0.5

Description

2016-08-21_20:46:04.48258 Called 'load' without the :safe option -- defaulting to safe mode.
2016-08-21_20:46:04.48261 You can avoid this warning in the future by setting the SafeYAML::OPTIONS[:default_mode] option (to :safe or :unsafe).
2016-08-21_20:46:06.01051 dispatch: ready
2016-08-21_20:46:06.05184 /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:341:in `block in start_jobs': Unknown crunch_job_wrapper: :slurm_immediate (RuntimeError)
2016-08-21_20:46:06.05190       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:313:in `each'
2016-08-21_20:46:06.05191       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:313:in `start_jobs'
2016-08-21_20:46:06.05192       from /data-sdc/var-www/arvados-api/current/lib/crunch_dispatch.rb:814:in `run'
2016-08-21_20:46:06.05193       from ./script/crunch-dispatch.rb:13:in `<main>'
2016-08-21_20:46:06.11341 Stopping crunch-dispatch-jobs-0

Subtasks 1 (0 open1 closed)

Task #9828: Review 9826-config-symbolsResolvedNico César08/22/2016Actions

Related issues

Related to Arvados - Idea #9684: [Crunch2] [API] Add Workflow resourceResolvedRadhika Chippada08/02/2016Actions
Actions #1

Updated by Peter Amstutz over 7 years ago

  • Subject changed from [API] crunch-dispatch broken YAML loading to [API] crunch-dispatch crash on start
  • Description updated (diff)
Actions #2

Updated by Tom Morris over 7 years ago

Peter said on Jabber that this is cluster c97qk

Actions #3

Updated by Tom Clegg over 7 years ago

  • Category set to API
  • Status changed from New to In Progress
  • Assigned To set to Tom Clegg
  • Story points set to 0.5
Actions #4

Updated by Tom Clegg over 7 years ago

9826-config-symbols @ 1356cd6

Actions #5

Updated by Tom Clegg over 7 years ago

  • Status changed from In Progress to Resolved

Applied in changeset arvados|commit:4b7c0f2aa4da6fdb25419a24d1a7f5b57ab35bfd.

Actions #6

Updated by Nico César over 7 years ago

  • Status changed from Resolved to In Progress

test 1356cd61457b8a48ed879b97c5cd14eb4ccf0f29

from https://github.com/dtao/safe_yaml "Symbols receive special treatment in Ruby and are not garbage collected, which means deserializing them indiscriminately may render your site vulnerable to a DOS attack." But it doesn't explain what DoS attacks is it vulnerable to.

On the other hand, it LGTM since we had de-serialization before using gem yaml_safe (so we were vulnerable anyway). We even had external command execution in application.yml, that caused overhead every time the file got read (like cron executions)

Ready to merge.

Actions #7

Updated by Nico César over 7 years ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF