Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-9890

Bytecode inspection for Java-UDFs

Agile BoardAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • 3.0 beta 1
    • None
    • None

    Description

      (Follow-up to CASSANDRA-9402)

      For Java-UDFs we could inspect the compiled Java byte code to find usages of the Java language that are "forbidden" to UDFs.

      These include usages of:

      • synchronized keyword
      • call to j.l.Object.wait
      • call to j.l.Object.notify
      • call to j.l.Object.notifyAll
      • call to j.l.Object.getClass
      • calls to specific methods of currently allowed classes in the driver (but would need some investigation)

      By inspecting the byte code before the class is actually used, even dirty constructs like the following would be impossible:

      CREATE OR REPLACE FUNCTION ... AS $$  return Math.sin(val);
      }
      
      {
        // anonymous initializer code
      }
      
      static {
        // static initializer code
      $$;
      

      (inspired by this blog post)

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            snazy Robert Stupp Assign to me
            snazy Robert Stupp
            Robert Stupp
            T Jake Luciani
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment