[
https://issues.apache.org/jira/browse/CASSANDRA-12541?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15578411#comment-15578411
]
ASF GitHub Bot commented on CASSANDRA-12541:
--------------------------------------------
Github user deshpamit commented on the issue:
https://github.com/apache/cassandra/pull/76
HP Fortify Analysis flagged Portability Flaw: Locale Dependent Comparison
https://issues.apache.org/jira/browse/CASSANDRA-12541 same issue for all
defects
> Portability Flaw: Locale Dependent Comparison
> ---------------------------------------------
>
> Key: CASSANDRA-12541
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12541
> Project: Cassandra
> Issue Type: Sub-task
> Reporter: Eduardo Aguinaga
> Priority: Trivial
>
> Overview:
> In May through June of 2016 a static analysis was performed on version 3.0.5
> of the Cassandra source code. The analysis included an automated analysis
> using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools
> Understand v4. The results of that analysis includes the issue below.
> Issue:
> In the file CqlRecordWriter.java on line 128 there is a portability problem
> with the call to toLowerCase() because it has different locales which may
> lead to unexpected output. This may also circumvent custom validation
> routines.
> {code:java}
> CqlRecordWriter.java, lines 127-130:
> 127 String cqlQuery = CqlConfigHelper.getOutputCql(conf).trim();
> 128 if (cqlQuery.toLowerCase().startsWith("insert"))
> 129 throw new UnsupportedOperationException("INSERT with CqlRecordWriter
> is not supported, please use UPDATE/DELETE statement");
> 130 cql = appendKeyWhereClauses(cqlQuery);
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
