Uploaded image for project: 'Apache Cassandra'
  1. Apache Cassandra
  2. CASSANDRA-9890

Bytecode inspection for Java-UDFs

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • 3.0 beta 1
    • None
    • None

    Description

      (Follow-up to CASSANDRA-9402)

      For Java-UDFs we could inspect the compiled Java byte code to find usages of the Java language that are "forbidden" to UDFs.

      These include usages of:

      • synchronized keyword
      • call to j.l.Object.wait
      • call to j.l.Object.notify
      • call to j.l.Object.notifyAll
      • call to j.l.Object.getClass
      • calls to specific methods of currently allowed classes in the driver (but would need some investigation)

      By inspecting the byte code before the class is actually used, even dirty constructs like the following would be impossible:

      CREATE OR REPLACE FUNCTION ... AS $$  return Math.sin(val);
      }
      
      {
        // anonymous initializer code
      }
      
      static {
        // static initializer code
      $$;
      

      (inspired by this blog post)

      Attachments

        Issue Links

          Activity

            People

              snazy Robert Stupp
              snazy Robert Stupp
              Robert Stupp
              T Jake Luciani
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: