| CPC G06F 16/2246 (2019.01) [G06F 16/245 (2019.01)] | 20 Claims |
|
1. A system, comprising:
one or more computing devices comprising at least one processor and at least one memory that stores computer-executable instructions that, in response to execution by the at least one processor, cause the system to at least:
receive a query at a query coordinator;
generate, by a frontend of the query coordinator, a first abstract syntax tree (AST) based, at least in part, on the query;
serialize, by the frontend of the query coordinator, data that represents the first AST;
generate, by a backend of the query coordinator, a second AST based, at least in part, on the serialized data;
evaluate, by a sanitizer of the backend of the query coordinator, the second AST for a security risk by at least enforcing one or more security rules;
generate, by the backend of the query coordinator, a third AST that is a modified version of the second AST in which the security risk is mitigated; and
cause a query plan based, at least in part, on the third AST to be executed by a query engine executor sandboxed from the frontend and the backend of the query coordinator.
|