Add validation for SQL queries in DataFrame.readSqlQuery #502
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #498
A validation function has been added to
DataFrame.readSqlQuery
to handle cases where an inappropriate SQL query is passed.The function verifies that the SQL query starts with "SELECT" and doesn't contain any other DDL, DML, or DCL operators to prevent data manipulation.
Corresponding test cases were also added in h2Test to ensure that an
IllegalArgumentException
is thrown when the SQL query is incorrect.