You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yesterday, there was an instance of RecordDeletor accepting an HTML file caused by a misspecification of the input source. This caused 334 records to be erroneously deleted, and there is no log indicating which records were affected.
Given the disastrous results of an invalid key file being used, RecordDeletor must be fixed to perform a sanity check on complete file before processing any delete instructions.
2018-04-11 15:48:03,915 INFO : [RecordDeletor] - Using file name: https://www.dropbox.com/s/redacted/redacted.csv?dl=0
2018-04-11 15:48:03,916 INFO : [RecordDeletor] - downloading remote file.. https://www.dropbox.com/s/redacted/redacted.csv?dl=0
2018-04-11 15:48:05,544 INFO : [RecordDeletor] - Creating file: /data/tmp/delete_row_key_file.csv
2018-04-11 15:48:06,558 INFO : [RecordDeletor] - Deleting ID : <!DOCTYPE html><html xml:lang="en" class="maestro" xmlns="http://www.w4.org/1999/xhtml"><head><script nonce="6btDux7OucsAG9RXvyNs">
2018-04-11 15:48:06,587 WARN : [OccurrenceDAO] - Unable to find record in occurrence store with uuid: <!DOCTYPE html><html xml:lang="en" class="maestro" xmlns="http://www.w4.org/1999/xhtml"><head><script nonce="6btDux7OucsAG9RXvyNs">
..... [Very worrying lines where everything is passed to Cassandra in a query without any verification before the final line confirms the worst case scenario that cassandra actually had 334 records deleted as a result of processing the HTML file as a key file]
2018-04-11 15:48:08,278 INFO : [RecordDeletor] - Records deleted from index : 334
The text was updated successfully, but these errors were encountered:
Initial attempt to fix the lack of checks in FileDelete for invalid files, such as error pages when people send in URLs, instead of pushing all of the lines through to the database and hoping they all error out.
Signed-off-by: Peter Ansell <[email protected]>
Yesterday, there was an instance of
RecordDeletor
accepting an HTML file caused by a misspecification of the input source. This caused 334 records to be erroneously deleted, and there is no log indicating which records were affected.Given the disastrous results of an invalid key file being used,
RecordDeletor
must be fixed to perform a sanity check on complete file before processing any delete instructions.The text was updated successfully, but these errors were encountered: