[jira] [Commented] (COUCHDB-3046) Improve reduce function overflow protection

Tue, 28 Mar 2017 11:22:07 -0700 

    [ 
https://issues.apache.org/jira/browse/COUCHDB-3046?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15945668#comment-15945668
 ] 

ASF subversion and git services commented on COUCHDB-3046:
----------------------------------------------------------

Commit 3937fb1ef2cb4377571f488e7a20e003b5e8c69c in couchdb's branch 
refs/heads/master from [~vatamane]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb.git;h=3937fb1 ]

Improve reduce function overlow handling

Add `log` as another option for `query_config.reduce_limit` instead of `true`
or `false` only. This warns user without crashing the view.

Account for reduce functions code size when checking for overlflow. Code size
was previously implicitly included in input size, skewing the result of
overflow check.

Increase threshold for overflow check. Before it was only 200. This
should prevent false positives in case users have a large accumulator object to
collect various stats.

Jira: COUCHDB-3046


> Improve reduce function overflow protection 
> --------------------------------------------
>
>                 Key: COUCHDB-3046
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-3046
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Database Core
>            Reporter: Nick Vatamaniuc
>
> The protection algorithm:
> https://github.com/apache/couchdb/blob/master/share/server/views.js#L36-L41
> When enabled, looks at couchjs' reduce command input and output line lengths 
> (as stringy-fied json). If 2*len(output) > len(input) and len(output) > 200 
> then an error is triggered.
> There a few issues in that scheme:
>  * No mode to first log failures only. This way user can handle bad reduce 
> functions as a warning rather than as a failed query result.
>  * Input line contains the length of the reduce function code itself. A large 
> reduce function body (say 100KB) might skew the result and allow allow 
> through reduce function with larger than needed output (without tripping the 
> error). 
>  * On the other hand, output size checking threshold is too small = 200. It 
> prevents functions using single large accumulator object (say with fields 
> like .sum, .count, .stddev, and so on) from working. The size of output will 
> be > 200 but, even though it won't be growing it will still be prevented from 
> running.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to