cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Russell Alexander Spitzer (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CASSANDRA-7725) CqlRecordReader does not validate input_cql Statments
Date Fri, 08 Aug 2014 18:01:17 GMT
Russell Alexander Spitzer created CASSANDRA-7725:
----------------------------------------------------

             Summary: CqlRecordReader does not validate input_cql Statments
                 Key: CASSANDRA-7725
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7725
             Project: Cassandra
          Issue Type: Bug
          Components: Hadoop
            Reporter: Russell Alexander Spitzer


CRR reader doesn't validate input_cql statements which can lead to some very dangerous results.
In general we should make sure that the statement conforms to the required template and throw
an exception.

For example if a use puts in an input statement like
{code}
SELECT * from ks.tab
{code}
Will run but will run the same query for each split.

https://github.com/apache/cassandra/blob/541a20dbb2ef258705c0632cddc3361ea533995c/src/java/org/apache/cassandra/hadoop/cql3/CqlRecordReader.java#L231





--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message