YARN-4017. container-executor overuses PATH_MAX. Contributed by Sidharta Seethana

(cherry picked from commit 5b6bae00942c495e4be6ea2b8eb0676a48468dc6)
(cherry picked from commit 34b8142802eb4af99b3bb7586bc2f8a47f6d73c7)

hadoop-yarn-project/CHANGES.txt

@@ -115,6 +115,9 @@ Release 2.7.4 - UNRELEASED
     YARN-1471. The SLS simulator is not running the preemption policy
     for CapacityScheduler (Carlo Curino via cdouglas) Backport by Ye Zhou.
 
+    YARN-4017. container-executor overuses PATH_MAX.
+    (Sidharta Seethana via vvasudev)
+
 Release 2.7.3 - 2016-08-25
 
   INCOMPATIBLE CHANGES

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.c

@@ -94,12 +94,12 @@ static int is_only_root_writable(const char *file) {
  */
 char *resolve_config_path(const char* file_name, const char *root) {
   const char *real_fname = NULL;
-  char buffer[PATH_MAX*2 + 1];
+  char buffer[EXECUTOR_PATH_MAX*2 + 1];
 
   if (file_name[0] == '/') {
     real_fname = file_name;
   } else if (realpath(root, buffer) != NULL) {
-    strncpy(strrchr(buffer, '/') + 1, file_name, PATH_MAX);
+    strncpy(strrchr(buffer, '/') + 1, file_name, EXECUTOR_PATH_MAX);
     real_fname = buffer;
   }
 

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/configuration.h

@@ -18,6 +18,10 @@
 
 #include <stddef.h>
 
+/** Define a platform-independent constant instead of using PATH_MAX */
+
+#define EXECUTOR_PATH_MAX 4096
+
 /**
  * Ensure that the configuration file and all of the containing directories
  * are only writable by root. Otherwise, an attacker can change the 

hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c

@@ -61,17 +61,17 @@ void set_nm_uid(uid_t user, gid_t group) {
  * get the executable filename.
  */
 char* get_executable() {
-  char buffer[PATH_MAX];
-  snprintf(buffer, PATH_MAX, "/proc/%u/exe", getpid());
-  char *filename = malloc(PATH_MAX);
-  ssize_t len = readlink(buffer, filename, PATH_MAX);
+  char buffer[EXECUTOR_PATH_MAX];
+  snprintf(buffer, EXECUTOR_PATH_MAX, "/proc/%u/exe", getpid());
+  char *filename = malloc(EXECUTOR_PATH_MAX);
+  ssize_t len = readlink(buffer, filename, EXECUTOR_PATH_MAX);
   if (len == -1) {
     fprintf(ERRORFILE, "Can't get executable name from %s - %s\n", buffer,
             strerror(errno));
     exit(-1);
-  } else if (len >= PATH_MAX) {
+  } else if (len >= EXECUTOR_PATH_MAX) {
     fprintf(ERRORFILE, "Executable name %.*s is longer than %d characters.\n",
-            PATH_MAX, filename, PATH_MAX);
+            EXECUTOR_PATH_MAX, filename, EXECUTOR_PATH_MAX);
     exit(-1);
   }
   filename[len] = '\0';
@@ -1429,7 +1429,7 @@ int mount_cgroup(const char *pair, const char *hierarchy) {
 #else
   char *controller = malloc(strlen(pair));
   char *mount_path = malloc(strlen(pair));
-  char hier_path[PATH_MAX];
+  char hier_path[EXECUTOR_PATH_MAX];
   int result = 0;
 
   if (get_kv_key(pair, controller, strlen(pair)) < 0 ||
@@ -1441,7 +1441,7 @@ int mount_cgroup(const char *pair, const char *hierarchy) {
     if (mount("none", mount_path, "cgroup", 0, controller) == 0) {
       char *buf = stpncpy(hier_path, mount_path, strlen(mount_path));
       *buf++ = '/';
-      snprintf(buf, PATH_MAX - (buf - hier_path), "%s", hierarchy);
+      snprintf(buf, EXECUTOR_PATH_MAX - (buf - hier_path), "%s", hierarchy);
 
       // create hierarchy as 0750 and chown to Hadoop NM user
       const mode_t perms = S_IRWXU | S_IRGRP | S_IXGRP;