fix: patch reload4j for Kafka 3.9.x (#1330)

* fix: patch reload4j for Kafka 3.9.x

* update changelog

* use StringBuilder instead of StringBuffer

* fix compile error

Author: razvan

CHANGELOG.md

@@ -57,6 +57,7 @@ All notable changes to this project will be documented in this file.
 - superset: Pin `luxon` to version 3.6.1 to fix build ([#1315], [#1316])
 - nifi: Use a patched version of logback to fix corrupted logs ([#1314])
 - zookeeper: Use a patched version of logback to fix corrupted logs ([#1320])
+- kafka: Use patched version of reload4j to fix corrupted logs ([#1330])
 
 ### Fixed
 
@@ -124,6 +125,7 @@ All notable changes to this project will be documented in this file.
 [#1322]: https://github.com/stackabletech/docker-images/pull/1322
 [#1323]: https://github.com/stackabletech/docker-images/pull/1323
 [#1326]: https://github.com/stackabletech/docker-images/pull/1326
+[#1330]: https://github.com/stackabletech/docker-images/pull/1330
 
 ## [25.7.0] - 2025-07-23
 

kafka/Dockerfile

@@ -3,7 +3,7 @@
 
 FROM local-image/kafka/kcat AS kcat
 FROM local-image/kafka/kafka-opa-plugin AS kafka-opa-plugin
-
+FROM local-image/shared/reload4j AS patched-reload4j
 FROM local-image/java-devel AS kafka-builder
 
 ARG PRODUCT_VERSION
@@ -18,8 +18,12 @@ WORKDIR /stackable
 COPY --chown=${STACKABLE_USER_UID}:0 kafka/stackable/jmx/ /stackable/jmx/
 COPY --chown=${STACKABLE_USER_UID}:0 kafka/stackable/patches/patchable.toml /stackable/src/kafka/stackable/patches/patchable.toml
 COPY --chown=${STACKABLE_USER_UID}:0 kafka/stackable/patches/${PRODUCT_VERSION} /stackable/src/kafka/stackable/patches/${PRODUCT_VERSION}
+COPY --chown=${STACKABLE_USER_UID}:0 --from=patched-reload4j /stackable/.m2/repository /stackable/patched-reload4j-libs
 
 RUN <<EOF
+mkdir -p /stackable/.m2/repository
+cp -r /stackable/patched-reload4j-libs/* /stackable/.m2/repository
+
 cd "$(/stackable/patchable --images-repo-root=src checkout kafka ${PRODUCT_VERSION})"
 
 NEW_VERSION="${PRODUCT_VERSION}-stackable${RELEASE_VERSION}"
@@ -78,6 +82,7 @@ COPY --chown=${STACKABLE_USER_UID}:0 --from=kcat /stackable/kcat-${KAFKA_KCAT_VE
 COPY --chown=${STACKABLE_USER_UID}:0 --from=kcat /licenses /licenses
 COPY --chown=${STACKABLE_USER_UID}:0 --from=kafka-opa-plugin /stackable/src/kafka/kafka-opa-plugin/patchable-work/worktree/${KAFKA_KAFKA_OPA_PLUGIN_VERSION}/build/libs/opa-authorizer-${KAFKA_KAFKA_OPA_PLUGIN_VERSION}-all.jar /stackable/kafka_${SCALA_VERSION}-${PRODUCT_VERSION}-stackable${RELEASE_VERSION}/libs/opa-authorizer-${KAFKA_KAFKA_OPA_PLUGIN_VERSION}-all.jar
 COPY --chown=${STACKABLE_USER_UID}:0 --from=kafka-opa-plugin /stackable/kafka-opa-plugin-${KAFKA_KAFKA_OPA_PLUGIN_VERSION}-src.tar.gz /stackable
+COPY --chown=${STACKABLE_USER_UID}:0 --from=patched-reload4j /stackable/*-src.tar.gz /stackable
 
 COPY --chown=${STACKABLE_USER_UID}:0 kafka/licenses /licenses
 

kafka/boil-config.toml

@@ -3,6 +3,7 @@ java-base = "21"
 java-devel = "21"
 "kafka/kcat" = "1.7.0"
 "kafka/kafka-opa-plugin" = "1.5.1"
+"shared/reload4j" = "1.2.25"
 
 [versions."3.7.2".build-arguments]
 scala-version = "2.13"
@@ -13,6 +14,7 @@ java-base = "21"
 java-devel = "21"
 "kafka/kcat" = "1.7.0"
 "kafka/kafka-opa-plugin" = "1.5.1"
+"shared/reload4j" = "1.2.25"
 
 [versions."3.9.1".build-arguments]
 scala-version = "2.13"

shared/reload4j/Dockerfile

@@ -0,0 +1,23 @@
+# syntax=docker/dockerfile:1.15.1@sha256:9857836c9ee4268391bb5b09f9f157f3c91bb15821bb77969642813b0d00518d
+# check=error=true
+
+FROM local-image/java-devel AS builder
+
+ARG PRODUCT_VERSION
+ARG RELEASE_VERSION
+ARG STACKABLE_USER_UID
+
+COPY --chown=${STACKABLE_USER_UID}:0 shared/reload4j/stackable/patches/patchable.toml /stackable/src/shared/reload4j/stackable/patches/patchable.toml
+COPY --chown=${STACKABLE_USER_UID}:0 shared/reload4j/stackable/patches/${PRODUCT_VERSION} /stackable/src/shared/reload4j/stackable/patches/${PRODUCT_VERSION}
+
+USER ${STACKABLE_USER_UID}
+WORKDIR /stackable
+
+RUN <<EOF
+cd "$(/stackable/patchable --images-repo-root=src checkout shared/reload4j ${PRODUCT_VERSION})"
+
+# Create snapshot of the source code including custom patches
+tar -czf /stackable/reload4j-${PRODUCT_VERSION}-src.tar.gz .
+
+mvn --batch-mode --no-transfer-progress clean install -DskipTests -Dmaven.test.skip=true -Dmaven.javadoc.skip=true
+EOF

shared/reload4j/boil-config.toml

@@ -0,0 +1,2 @@
+[versions."1.2.25".local-images]
+java-devel = "8"

shared/reload4j/stackable/patches/1.2.25/0001-fix-move-buffer-into-function-to-prevent-race.patch

@@ -0,0 +1,57 @@
+From 124575963f02242904d655cfde7d05375c2c2d26 Mon Sep 17 00:00:00 2001
+From: Razvan-Daniel Mihai <[email protected]>
+Date: Wed, 5 Nov 2025 12:27:34 +0100
+Subject: fix: move buffer into function to prevent race
+
+---
+ src/main/java/org/apache/log4j/helpers/Transform.java |  4 ++--
+ src/main/java/org/apache/log4j/xml/XMLLayout.java     | 10 +---------
+ 2 files changed, 3 insertions(+), 11 deletions(-)
+
+diff --git a/src/main/java/org/apache/log4j/helpers/Transform.java b/src/main/java/org/apache/log4j/helpers/Transform.java
+index ad77e165..5f0aba25 100644
+--- a/src/main/java/org/apache/log4j/helpers/Transform.java
++++ b/src/main/java/org/apache/log4j/helpers/Transform.java
+@@ -76,11 +76,11 @@ public class Transform {
+     /**
+      * Ensures that embeded CDEnd strings (]]&gt;) are handled properly within message, NDC and throwable tag text.
+      *
+-     * @param buf StringBuffer holding the XML data to this point. The initial CDStart (&lt;![CDATA[) and final CDEnd
++     * @param buf StringBuilder holding the XML data to this point. The initial CDStart (&lt;![CDATA[) and final CDEnd
+      *            (]]&gt;) of the CDATA section are the responsibility of the calling method.
+      * @param str The String that is inserted into an existing CDATA Section within buf.
+      */
+-    static public void appendEscapingCDATA(final StringBuffer buf, final String str) {
++    static public void appendEscapingCDATA(final StringBuilder buf, final String str) {
+         if (str != null) {
+             int end = str.indexOf(CDATA_END);
+             if (end < 0) {
+diff --git a/src/main/java/org/apache/log4j/xml/XMLLayout.java b/src/main/java/org/apache/log4j/xml/XMLLayout.java
+index 4f0d99f3..35ef30d8 100644
+--- a/src/main/java/org/apache/log4j/xml/XMLLayout.java
++++ b/src/main/java/org/apache/log4j/xml/XMLLayout.java
+@@ -64,9 +64,7 @@ import java.util.Arrays;
+ public class XMLLayout extends Layout {
+ 
+     private final int DEFAULT_SIZE = 256;
+-    private final int UPPER_LIMIT = 2048;
+ 
+-    private StringBuffer buf = new StringBuffer(DEFAULT_SIZE);
+     private boolean locationInfo = false;
+     private boolean properties = false;
+ 
+@@ -121,13 +119,7 @@ public class XMLLayout extends Layout {
+      */
+     public String format(final LoggingEvent event) {
+ 
+-        // Reset working buffer. If the buffer is too large, then we need a new
+-        // one in order to avoid the penalty of creating a large array.
+-        if (buf.capacity() > UPPER_LIMIT) {
+-            buf = new StringBuffer(DEFAULT_SIZE);
+-        } else {
+-            buf.setLength(0);
+-        }
++        StringBuilder buf = new StringBuilder(DEFAULT_SIZE);
+ 
+         // We yield to the \r\n heresy.
+ 

shared/reload4j/stackable/patches/1.2.25/patchable.toml

@@ -0,0 +1,2 @@
+mirror = "https://github.com/stackabletech/reload4j.git"
+base = "2dfce6aac8e9881f60b6c9fda3fdc1e79e2c14b3"

shared/reload4j/stackable/patches/patchable.toml

@@ -0,0 +1,2 @@
+upstream = "https://github.com/qos-ch/reload4j.git"
+default-mirror = "https://github.com/stackabletech/reload4j.git"