Elasticsearch Version
8.2
Installed Plugins
No response
Java Version
bundled
OS Version
Any
Problem Description
The PluginInfo verification code in Elasticsearch ensures that plugins must match the Elasticsearch they are being installed into. However, if the plugin descriptor properties file contains an empty string, the Version.fromString call would simply return the latest Elasticsearch version.
The bug relates to the following code:
final String esVersionString = propsMap.remove("elasticsearch.version");
if (esVersionString == null) {
throw new IllegalArgumentException("property [elasticsearch.version] is missing for plugin [" + name + "]");
}
final Version esVersion = Version.fromString(esVersionString);
Apart from checking esVersionString for null, we should also check for the String being empty, e.g Strings.hasLength(esVersionString) == false.
Steps to Reproduce
-
Take any Elasticsearch plugin from a version other than the current
-
Manually edit the plugin-descriptor.properties file in the jar and set elasticsearch.version=
-
Deploy the plugin in the latest version of Elasticsearch
Logs (if relevant)
No response
Elasticsearch Version
8.2
Installed Plugins
No response
Java Version
bundled
OS Version
Any
Problem Description
The PluginInfo verification code in Elasticsearch ensures that plugins must match the Elasticsearch they are being installed into. However, if the plugin descriptor properties file contains an empty string, the Version.fromString call would simply return the latest Elasticsearch version.
The bug relates to the following code:
Apart from checking esVersionString for null, we should also check for the String being empty, e.g
Strings.hasLength(esVersionString) == false.Steps to Reproduce
Take any Elasticsearch plugin from a version other than the current
Manually edit the plugin-descriptor.properties file in the jar and set
elasticsearch.version=Deploy the plugin in the latest version of Elasticsearch
Logs (if relevant)
No response