incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Coli <rc...@eventbrite.com>
Subject Re: "SQL" Injection C* (via CQL & Thrift)
Date Thu, 20 Jun 2013 16:59:23 GMT
On Thu, Jun 20, 2013 at 2:15 AM, aaron morton <aaron@thelastpickle.com> wrote:
>> As for the thrift side (i.e. using Hector or Astyanax), anyone have a crafty way
to inject something?
>
> The only thing I've ever heard of coming close was a thrift bug that allowed a malformed
request to crash the server. But that was a while ago https://issues.apache.org/jira/browse/CASSANDRA-475

Oh, that brings me back. Literally my first interaction with a
cassandra server :

- start cassandra
- telnet localhost 9160
- "asdasdasdasdsa"
- "Connection reset by peer"
- notice server has crashed

Not *really* a Cassandra bug, but hilarious nonetheless. :)

=Rob

Mime
View raw message