Nick Vatamaniuc created COUCHDB-3046: ----------------------------------------
Summary: Improve reduce function overflow protection Key: COUCHDB-3046 URL: https://issues.apache.org/jira/browse/COUCHDB-3046 Project: CouchDB Issue Type: Bug Components: Database Core Reporter: Nick Vatamaniuc The protection algorithm: https://github.com/apache/couchdb/blob/master/share/server/views.js#L36-L41 When enabled, looks at couchjs' reduce command input and output line lengths (as stringy-fied json). If 2*len(output) > len(input) and len(output) > 200 then an error is triggered. There a few issues in that scheme: * Input line contains the length of the reduce function code itself. A large reduce function body (say 100KB) might lead to failure to trip the error. * On the other hand, output size checking threshold is too small = 200. It prevents functions using single large accumulator object (say with fields like .sum, .count, .stddev, and so on) from working. The size of output will be > 200 but, even though it won't be growing it will still be prevented from running. -- This message was sent by Atlassian JIRA (v6.3.4#6332)