You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Brandon Williams (JIRA)" <ji...@apache.org> on 2014/08/08 20:13:13 UTC

[jira] [Assigned] (CASSANDRA-7725) CqlRecordReader does not validate input_cql Statments

     [ https://issues.apache.org/jira/browse/CASSANDRA-7725?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brandon Williams reassigned CASSANDRA-7725:
-------------------------------------------

    Assignee: Sylvain Lebresne

> CqlRecordReader does not validate input_cql Statments
> -----------------------------------------------------
>
>                 Key: CASSANDRA-7725
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7725
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Hadoop
>            Reporter: Russell Alexander Spitzer
>            Assignee: Sylvain Lebresne
>
> CRR reader doesn't validate input_cql statements which can lead to some very dangerous results. In general we should make sure that the statement conforms to the required template and throw an exception if they don't.
> For example if a use puts in an input statement like
> {code}
> SELECT * from ks.tab
> {code}
> Will run but will run the same query for each split.
> https://github.com/apache/cassandra/blob/541a20dbb2ef258705c0632cddc3361ea533995c/src/java/org/apache/cassandra/hadoop/cql3/CqlRecordReader.java#L231



--
This message was sent by Atlassian JIRA
(v6.2#6252)