Nick Vatamaniuc created COUCHDB-3046:
----------------------------------------
Summary: Improve reduce function overflow protection
Key: COUCHDB-3046
URL: https://issues.apache.org/jira/browse/COUCHDB-3046
Project: CouchDB
Issue Type: Bug
Components: Database Core
Reporter: Nick Vatamaniuc
The protection algorithm:
https://github.com/apache/couchdb/blob/master/share/server/views.js#L36-L41
When enabled, looks at couchjs' reduce command input and output line lengths
(as stringy-fied json). If 2*len(output) > len(input) and len(output) > 200
then an error is triggered.
There a few issues in that scheme:
* Input line contains the length of the reduce function code itself. A large
reduce function body (say 100KB) might lead to failure to trip the error.
* On the other hand, output size checking threshold is too small = 200. It
prevents functions using single large accumulator object (say with fields like
.sum, .count, .stddev, and so on) from working. The size of output will be >
200 but, even though it won't be growing it will still be prevented from
running.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
