From ca8f5a687477637f3111d56281e1fe76abba1e12 Mon Sep 17 00:00:00 2001
From: "Reg [bot]" <86050514+tidb-dashboard-bot@users.noreply.github.com>
Date: Fri, 3 Sep 2021 03:50:14 +0800
Subject: [PATCH 1/3] Update TiDB Dashboard to v2021.08.26.1 [release-5.1] (#4036)
* Update TiDB Dashboard to v2021.08.26.1
Signed-off-by: tidb-dashboard-bot
* tiny fix
Signed-off-by: HunDunDM
Co-authored-by: tidb-dashboard-bot
Co-authored-by: HunDunDM
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/go.mod b/go.mod
index 8c365953705..3c61109718f 100644
--- a/go.mod
+++ b/go.mod
@@ -31,7 +31,7 @@ require (
 github.com/pingcap/kvproto v0.0.0-20210712050333-b66fdbd6bfd5
 github.com/pingcap/log v0.0.0-20210317133921-96f4fcab92a4
 github.com/pingcap/sysutil v0.0.0-20210315073920-cc0985d983a3
- github.com/pingcap/tidb-dashboard v0.0.0-20210716172320-2226872e3296
+ github.com/pingcap/tidb-dashboard v0.0.0-20210902124511-e723204205f7
 github.com/prometheus/client_golang v1.1.0
 github.com/prometheus/client_model v0.2.0 // indirect
 github.com/prometheus/common v0.6.0
diff --git a/go.sum b/go.sum
index aaaba1dea46..6f97d900727 100644
--- a/go.sum
+++ b/go.sum
@@ -325,8 +325,8 @@ github.com/pingcap/log v0.0.0-20210317133921-96f4fcab92a4 h1:ERrF0fTuIOnwfGbt71J github.com/pingcap/log v0.0.0-20210317133921-96f4fcab92a4/go.mod h1:4rbK1p9ILyIfb6hU7OG2CiWSqMXnp3JMbiaVJ6mvoY8= github.com/pingcap/sysutil v0.0.0-20210315073920-cc0985d983a3 h1:A9KL9R+lWSVPH8IqUuH1QSTRJ5FGoY1bT2IcfPKsWD8= github.com/pingcap/sysutil v0.0.0-20210315073920-cc0985d983a3/go.mod h1:tckvA041UWP+NqYzrJ3fMgC/Hw9wnmQ/tUkp/JaHly8= -github.com/pingcap/tidb-dashboard v0.0.0-20210716172320-2226872e3296 h1:kTH6Jyn8XVoFJNxT3UF4eiZMxDbyfsSXkAtSk9jLGr4= -github.com/pingcap/tidb-dashboard v0.0.0-20210716172320-2226872e3296/go.mod h1:OCXbZTBTIMRcIt0jFsuCakZP+goYRv6IjawKbwLS2TQ= +github.com/pingcap/tidb-dashboard v0.0.0-20210902124511-e723204205f7 h1:uYimp8O2UlwlZm/gMlPDXvuCCTKQETRc8iFmPpxNi78= +github.com/pingcap/tidb-dashboard v0.0.0-20210902124511-e723204205f7/go.mod h1:OCXbZTBTIMRcIt0jFsuCakZP+goYRv6IjawKbwLS2TQ= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
From 14c12cd16e412e7b18e70f2f33eae2a163c10feb Mon Sep 17 00:00:00 2001
From: Ti Chi Robot
Date: Mon, 13 Sep 2021 20:30:40 +0800
Subject: [PATCH 2/3] api: restrict persist-file to only accept JSON data (#3969) (#3972)
Signed-off-by: disksing
Co-authored-by: disksing
---
 server/api/admin.go | 7 ++++++-
 server/api/admin_test.go | 9 +++++++++
 server/server.go | 1 +
 3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/server/api/admin.go b/server/api/admin.go
index a3676c560f9..8f14e99d2bb 100644
--- a/server/api/admin.go
+++ b/server/api/admin.go
@@ -14,6 +14,7 @@
 package api
 import (
+ "encoding/json"
 "io"
 "net/http"
 "strconv"
@@ -95,7 +96,7 @@ func (h *adminHandler) ResetTS(w http.ResponseWriter, r *http.Request) {
 }
 // Intentionally no swagger mark as it is supposed to be only used in
-// server-to-server.
+// server-to-server. For security reason, it only accepts JSON formatted data.
 func (h *adminHandler) persistFile(w http.ResponseWriter, r *http.Request) {
 data, err := io.ReadAll(r.Body)
 if err != nil {
@@ -103,6 +104,10 @@ func (h *adminHandler) persistFile(w http.ResponseWriter, r *http.Request) {
 return
 }
 defer r.Body.Close()
+ if !json.Valid(data) {
+ h.rd.Text(w, http.StatusBadRequest, "body should be json format")
+ return
+ }
 err = h.svr.PersistFile(mux.Vars(r)["file_name"], data)
 if err != nil {
 h.rd.Text(w, http.StatusInternalServerError, err.Error())
diff --git a/server/api/admin_test.go b/server/api/admin_test.go
index 497d3055740..889f0cc375d 100644
--- a/server/api/admin_test.go
+++ b/server/api/admin_test.go
@@ -88,6 +88,15 @@ func (s *testAdminSuite) TestDropRegion(c *C) {
 c.Assert(region.GetRegionEpoch().Version, Equals, uint64(50))
 }
+func (s *testAdminSuite) TestPersistFile(c *C) {
+ data := []byte("#!/bin/sh\nrm -rf /")
+ err := postJSON(testDialClient, s.urlPrefix+"/admin/persist-file/fun.sh", data)
+ c.Assert(err, NotNil)
+ data = []byte(`{"foo":"bar"}`)
+ err = postJSON(testDialClient, s.urlPrefix+"/admin/persist-file/good.json", data)
+ c.Assert(err, IsNil)
+}
+
 var _ = Suite(&testTSOSuite{})
 type testTSOSuite struct {
diff --git a/server/server.go b/server/server.go
index f5375859517..588e48275ac 100644
--- a/server/server.go
+++ b/server/server.go
@@ -1330,6 +1330,7 @@ func (s *Server) reloadConfigFromKV() error {
 // ReplicateFileToAllMembers is used to synchronize state among all members.
 // Each member will write `data` to a local file named `name`.
+// For security reason, data should be in JSON format.
 func (s *Server) ReplicateFileToAllMembers(ctx context.Context, name string, data []byte) error {
 resp, err := s.GetMembers(ctx, nil)
 if err != nil {
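Review bot: The `json.Valid(data)` guard added in persistFile constrains only the body; `mux.Vars(r)["file_name"]` is still handed to `h.svr.PersistFile` as received, so which file gets written stays under the caller's control as far as this hunk shows. PersistFile is outside the diff and may already restrict the name; if it does not, the handler should reject anything that is not an expected bare file name before the call, for example `if name != filepath.Base(name) { h.rd.Text(w, http.StatusBadRequest, "invalid file name"); return }`. `json.Valid` also passes any JSON value, including a lone string or number, so decoding into the structure the server expects would be a tighter check. persistFile starts and ends outside this hunk.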
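Review bot: In TestPersistFile the rejected request differs from the accepted one in both body and file name (`fun.sh` against `good.json`), and the rejection is asserted only with `c.Assert(err, NotNil)`, so the test does not show that the body check is what refused it. Posting the non-JSON body to the same `good.json` name, and asserting the 400 status if the helper exposes it, would pin the test to the new guard. postJSON is defined outside this hunk, so what it returns for a non-2xx response is assumed here.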
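Review bot: The doc line added to ReplicateFileToAllMembers in server/server.go says data should be JSON, but nothing in the visible lines enforces it, and the function body continues outside this hunk. If the body does not validate either, a non-JSON payload is only refused by each member's persist-file handler after the request has been sent; an early `if !json.Valid(data)` return at the top of the function would fail once, at the caller. The comment would also be clearer as `// For security reasons, data must be valid JSON; members reject anything else.`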
From b7968b1284bca60dd79a30dd4b78fe3f116a960b Mon Sep 17 00:00:00 2001
From: Ti Chi Robot
Date: Mon, 13 Sep 2021 22:04:40 +0800
Subject: [PATCH 3/3] checker: judging that the peer is down is no longer based on DownSeconds (#4078) (#4083)
* checker: judging that the peer is down is no longer based on DownSeconds
Signed-off-by: HunDunDM
* address comment
Signed-off-by: HunDunDM
Co-authored-by: HunDunDM
---
 server/schedule/checker/replica_checker.go | 5 +----
 server/schedule/checker/rule_checker.go | 4 +---
 2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/server/schedule/checker/replica_checker.go b/server/schedule/checker/replica_checker.go
index 4f93058d905..5edf8a2d6cc 100644
--- a/server/schedule/checker/replica_checker.go
+++ b/server/schedule/checker/replica_checker.go
@@ -106,13 +106,10 @@ func (r *ReplicaChecker) checkDownPeer(region *core.RegionInfo) *operator.Operat
 log.Warn("lost the store, maybe you are recovering the PD cluster", zap.Uint64("store-id", storeID))
 return nil
 }
+ // Only consider the state of the Store, not `stats.DownSeconds`.
 if store.DownTime() < r.opts.GetMaxStoreDownTime() {
 continue
 }
- if stats.GetDownSeconds() < uint64(r.opts.GetMaxStoreDownTime().Seconds()) {
- continue
- }
-
 return r.fixPeer(region, storeID, downStatus)
 }
 return nil
diff --git a/server/schedule/checker/rule_checker.go b/server/schedule/checker/rule_checker.go
index 3b1b95137d4..6ce4e8de449 100644
--- a/server/schedule/checker/rule_checker.go
+++ b/server/schedule/checker/rule_checker.go
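Review bot: The comment added before the `store.DownTime()` check in checkDownPeer says which signal is now ignored but not why, and the same line is added in isDownPeer in rule_checker.go. A short reason in the comment would keep a later reader from restoring the removed `stats.GetDownSeconds()` comparison. The diffstat for this patch lists only the two checker files, so the behaviour change arrives without a test here; a case where the store has been down longer than the max store down time while the reported DownSeconds is still small would cover both functions. Both function bodies start outside their hunks.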
@@ -292,12 +292,10 @@ func (c *RuleChecker) isDownPeer(region *core.RegionInfo, peer *metapb.Peer) boo
 log.Warn("lost the store, maybe you are recovering the PD cluster", zap.Uint64("store-id", storeID))
 return false
 }
+ // Only consider the state of the Store, not `stats.DownSeconds`.
 if store.DownTime() < c.cluster.GetOpts().GetMaxStoreDownTime() {
 continue
 }
- if stats.GetDownSeconds() < uint64(c.cluster.GetOpts().GetMaxStoreDownTime().Seconds()) {
- continue
- }
 return true
 }
 return false