Will Currie created SOLR-11512:
----------------------------------
Summary: Query parsing should not loop forever with 100% cpu
Key: SOLR-11512
URL: https://issues.apache.org/jira/browse/SOLR-11512
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: 7.1
Reporter: Will Currie
Priority: Minor
The following query against the techproducts puts solr into an infinite loop:
{noformat}
curl -g -v
'http://localhost:8983/solr/techproducts/select?q=*&defType=edismax&qq={!edismax+v=something}&bq={!edismax+v=$qq}
{noformat}
I guess I'd expect a failure with "Infinite Recursion detected parsing query
..." instead. So depending on the query config a user typing {!edismax
v=whatever} into a search box can send a solr instance to 100% cpu.
I can reproduce using TestExtendedDismaxParser by adding:
{code}
@Test
public void loopsForever() throws Exception {
assertJQ(req("defType", "edismax", "q", "*", "qq", "{!edismax
v=something}", "bq", "{!edismax v=$qq}"));
}
{code}
The code seems to hit QParser.checkRecurse() and try to fail but something
sends it around for another try. Repeat.
Given the complexity of the parsing code there may well be other examples.
There's no way to disable the local params syntax is there? Question was asked
in SOLR-4197.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
