Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-9890

Bytecode inspection for Java-UDFs

Agile BoardAttach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Fix Version/s: 3.0 beta 1
    • Component/s: None
    • Labels:
      None

      Description

      (Follow-up to CASSANDRA-9402)

      For Java-UDFs we could inspect the compiled Java byte code to find usages of the Java language that are "forbidden" to UDFs.

      These include usages of:

      • synchronized keyword
      • call to j.l.Object.wait
      • call to j.l.Object.notify
      • call to j.l.Object.notifyAll
      • call to j.l.Object.getClass
      • calls to specific methods of currently allowed classes in the driver (but would need some investigation)

      By inspecting the byte code before the class is actually used, even dirty constructs like the following would be impossible:

      CREATE OR REPLACE FUNCTION ... AS $$  return Math.sin(val);
      }
      
      {
        // anonymous initializer code
      }
      
      static {
        // static initializer code
      $$;
      

      (inspired by this blog post)

        Attachments

          Activity

            People

            • Assignee:
              snazy Robert Stupp Assign to me
              Reporter:
              snazy Robert Stupp
              Authors:
              Robert Stupp
              Reviewers:
              T Jake Luciani

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment