You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ouch! Yes, that's an unpleasant one indeed. It's a pity that Cassandra still doesn't protect us from this.
However, is there a sensible way to spot this without fully parsing the query? I guess just checking for statements starting with /SELECT +\*/i would go a long way.
A prepared statement that has a
SELECT *
in it is unsafe.More details here:
This is a very very bad footgun, and can cause your driver to return incorrect rows when a table is altered.
We should disallow these kind of queries from being prepared, as it can introduce soundness bugs in one's code.
The text was updated successfully, but these errors were encountered: