Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-8280

Cassandra crashing on inserting data over 64K into indexed strings

Agile BoardAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Urgent
    • Resolution: Fixed
    • 2.0.12, 2.1.3
    • Legacy/CQL
    • None
    • Debian 7, Cassandra 2.1.1, java 1.7.0_60

    • Critical

    Description

      An attemtp to instert 65536 bytes in a field that is a primary index throws (correctly?) the cassandra.InvalidRequest exception. However, inserting the same data in a indexed field that is not a primary index works just fine.

      However, Cassandra will crash on next commit and never recover. So I rated it as Critical as it can be used for DoS attacks.

      Reproduce: see the snippet below:

      import uuid
      from cassandra import ConsistencyLevel
      from cassandra import InvalidRequest
      from cassandra.cluster import Cluster
      from cassandra.auth import PlainTextAuthProvider
      from cassandra.policies import ConstantReconnectionPolicy
      from cassandra.cqltypes import UUID
       
      # DROP KEYSPACE IF EXISTS cs;
      # CREATE KEYSPACE cs WITH replication = {'class': 'SimpleStrategy', 'replication_factor': 1};
      # USE cs;
      # CREATE TABLE test3 (name text, value uuid, sentinel text, PRIMARY KEY (name));
      # CREATE INDEX test3_sentinels ON test3(sentinel);             
       
      class CassandraDemo(object):
       
          def __init__(self):
              ips = ["127.0.0.1"]
              ap = PlainTextAuthProvider(username="cs", password="cs")
              reconnection_policy = ConstantReconnectionPolicy(20.0, max_attempts=1000000)
              cluster = Cluster(ips, auth_provider=ap, protocol_version=3, reconnection_policy=reconnection_policy)
              self.session = cluster.connect("cs")
       
          def exec_query(self, query, args):
              prepared_statement = self.session.prepare(query)
              prepared_statement.consistency_level = ConsistencyLevel.LOCAL_QUORUM
              self.session.execute(prepared_statement, args)
       
          def bug(self):
              k1 = UUID( str(uuid.uuid4()) )       
              long_string = "X" * 65536
              query = "INSERT INTO test3 (name, value, sentinel) VALUES (?, ?, ?);"
              args = ("foo", k1, long_string)
       
              self.exec_query(query, args)
              self.session.execute("DROP KEYSPACE IF EXISTS cs_test", timeout=30)
              self.session.execute("CREATE KEYSPACE cs_test WITH replication = {'class': 'SimpleStrategy', 'replication_factor': 1}")
               
      c = CassandraDemo()
      
      #first run
      c.bug()
      
      #second run, Cassandra crashes with java.lang.AssertionError
      c.bug()
      

      And here is the cassandra log:

      ERROR [MemtableFlushWriter:3] 2014-11-06 16:44:49,263 CassandraDaemon.java:153 - Exception in thread Thread[MemtableFlushWriter:3,5,main]
      java.lang.AssertionError: 65536
              at org.apache.cassandra.utils.ByteBufferUtil.writeWithShortLength(ByteBufferUtil.java:290) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.db.ColumnIndex$Builder.maybeWriteRowHeader(ColumnIndex.java:214) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.db.ColumnIndex$Builder.add(ColumnIndex.java:201) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.db.ColumnIndex$Builder.build(ColumnIndex.java:142) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.io.sstable.SSTableWriter.rawAppend(SSTableWriter.java:233) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.io.sstable.SSTableWriter.append(SSTableWriter.java:218) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.db.Memtable$FlushRunnable.writeSortedContents(Memtable.java:354) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.db.Memtable$FlushRunnable.runWith(Memtable.java:312) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.io.util.DiskAwareRunnable.runMayThrow(DiskAwareRunnable.java:48) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at org.apache.cassandra.utils.WrappedRunnable.run(WrappedRunnable.java:28) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at com.google.common.util.concurrent.MoreExecutors$SameThreadExecutorService.execute(MoreExecutors.java:297) ~[guava-16.0.jar:na]
              at org.apache.cassandra.db.ColumnFamilyStore$Flush.run(ColumnFamilyStore.java:1053) ~[apache-cassandra-2.1.1.jar:2.1.1]
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) ~[na:1.7.0_60]
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) ~[na:1.7.0_60]
              at java.lang.Thread.run(Thread.java:745) ~[na:1.7.0_60]
      

      Attachments

        1. 8280-2.0.txt
          10 kB
          Sam Tunnicliffe
        2. 8280-2.1.txt
          7 kB
          Sam Tunnicliffe
        3. 8280-2.1-v2.txt
          8 kB
          Sam Tunnicliffe
        4. 8280-2.0-v2.txt
          13 kB
          Sam Tunnicliffe
        5. 8280-2.0-v3.txt
          14 kB
          Sam Tunnicliffe
        6. 8280-2.0-v4.txt
          16 kB
          Sam Tunnicliffe

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            samt Sam Tunnicliffe Assign to me
            crismar Cristian Marinescu
            Sam Tunnicliffe
            Aleksey Yeschenko
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment