Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-7725

CqlRecordReader does not validate input_cql Statments

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Duplicate
    • 2.0.10, 2.1.0
    • None
    • None
    • Normal

    Description

      CRR reader doesn't validate input_cql statements which can lead to some very dangerous results. In general we should make sure that the statement conforms to the required template and throw an exception if they don't.

      For example if a use puts in an input statement like

      SELECT * from ks.tab
      

      Will run but will run the same query for each split.

      https://github.com/apache/cassandra/blob/541a20dbb2ef258705c0632cddc3361ea533995c/src/java/org/apache/cassandra/hadoop/cql3/CqlRecordReader.java#L231

      Attachments

        Issue Links

          Activity

            People

              mike_tr_adamson Mike Adamson
              rspitzer Russell Spitzer
              Mike Adamson
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: