Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Does not validate by stripping \u0000 from json #870

Open
jdcaperon opened this issue Oct 22, 2024 · 3 comments
Open

Does not validate by stripping \u0000 from json #870

jdcaperon opened this issue Oct 22, 2024 · 3 comments

Comments

@jdcaperon
Copy link

The client does not validate VARIANT values by stripping the null char, this means that it's possible to submit values that are not able to parsed by Snowflake. See support case 00872717

/**
* Validates and parses input as JSON. All types in the object tree must be valid variant types,
* see {@link DataValidationUtil#isAllowedSemiStructuredType}.
*
* @param input Object to validate
* @return JSON tree representing the input
*/
private static JsonNode validateAndParseSemiStructuredAsJsonTree(
String columnName, Object input, String snowflakeType, final long insertRowIndex) {
if (input instanceof String) {
String stringInput = (String) input;
verifyValidUtf8(stringInput, columnName, snowflakeType, insertRowIndex);
try {
return objectMapper.readTree(stringInput);
} catch (JsonProcessingException e) {
throw valueFormatNotAllowedException(
columnName, snowflakeType, "Not a valid JSON", insertRowIndex);
}
} else if (isAllowedSemiStructuredType(input)) {
return objectMapper.valueToTree(input);
}
throw typeNotAllowedException(
columnName,
input.getClass(),
snowflakeType,
new String[] {
"String",
"Primitive data types and their arrays",
"java.time.*",
"List<T>",
"Map<String, T>",
"T[]"
},
insertRowIndex);
}

This is pretty bad, because it means that tables can get into a state where they are unqueryable when selecting the damaged VARIANT column.

@sfc-gh-xhuang
Copy link
Contributor

@jdcaperon we have this filed on our backlog to resolve.
have you stripped the values from your input as a workaround in the meantime?

@jdcaperon
Copy link
Author

@sfc-gh-xhuang yes we are doing our own prevention for this issue in the meantime

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants