[jira] [Updated] (CASSANDRA-17878) Harden parsing of boolean values in CQL in PropertyDefinitions

Tue, 08 Nov 2022 05:00:37 -0800 


     [ 
https://issues.apache.org/jira/browse/CASSANDRA-17878?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aleksey Yeschenko updated CASSANDRA-17878:
------------------------------------------
    Fix Version/s: 4.0.x
                   4.1.x

> Harden parsing of boolean values in CQL in PropertyDefinitions
> --------------------------------------------------------------
>
>                 Key: CASSANDRA-17878
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17878
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: CQL/Interpreter, CQL/Semantics
>            Reporter: Stefan Miklosovic
>            Assignee: Stefan Miklosovic
>            Priority: Normal
>             Fix For: 4.0.x, 4.1.x
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> There is currently this in PropertyDefinitions class as a pattern we use for 
> testing a boolean value in cqlsh
> {code}
> private static final Pattern PATTERN_POSITIVE = 
> Pattern.compile("(1|true|yes)");
> {code}
> This might be source of mistakes and typos. For example, if a user does, for 
> example:
> {code}
> ALTER TABLE ks.tb WITH cdc = tru;
> {code}
> If he does not notice it, he thinks that cdc is true, but it is not. 
> More to it, currently, everything which is not "1", "true", or "yes" is 
> evaluated as false. We should harden this in such a way that both logical 
> true and false would be parsed only on well defined values and every other 
> value would be rejected and a query would fail.
> EDIT: I have checked how it behaves in cqlsh and there seems to be validation 
> of this already like this:
> {code}
> cqlsh> ALTER TABLE abc.def WITH cdc = tru;
> SyntaxException: line 1:31 no viable alternative at input 'tru' (ALTER TABLE 
> abc.def WITH [cdc] =...)
> {code}
> It seems that cqlsh already knows this should be a boolean and rejects such 
> query.
> Nevertheless, it is still reasonable to harden this on the code level when a 
> query is executed in Java, programmatically (e.g. as part of tests or 
> similar). The patch also includes optimizations to not return Boolean but 
> boolean on related methods (other primitives are covered as well).



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to