Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport] [2.x] Bugfix to guard against stack overflow errors caused by very large reg-ex input #2817

Merged
merged 2 commits into from
Apr 8, 2022
Merged

[Backport] [2.x] Bugfix to guard against stack overflow errors caused by very large reg-ex input #2817

merged 2 commits into from
Apr 8, 2022

Conversation

kartg
Copy link
Member

@kartg kartg commented Apr 8, 2022
edited
Loading

Description

This change fixes a code path that did not properly impose the index-level max_regex_length limit. Therefore, it was possibly to provide an arbitrarily large string as the include/exclude reg-ex value under search aggregations. This exposed the underlying node to crashes from a StackOverflowError, due to how the Lucene RegExp class processes strings using stack frames.

This change also includes the removal of the null-case for IndexSettings since this only occurs in tests (the tests now use a dummy Index Setting) and fixes a bug with the base case handling of max regex length in the check.

Issues Resolved

Backport of #2810 and #2814

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

kartg added 2 commits April 7, 2022 18:28
@kartg
Bugfix to guard against stack overflow errors caused by very large re…
73f6a4e 
…g-ex input (opensearch-project#2810)

* Bugfix to guard against stack overflow errors caused by very large reg-ex input

This change fixes a code path that did not properly impose the index-level max_regex_length limit. Therefore, it was possibly to provide ar arbitrarily large string as the include/exclude reg-ex value under search aggregations. This exposed the underlying node to crashes from a StackOverflowError, due to how the Lucene RegExp class processes strings using stack frames.

Signed-off-by: Kartik Ganesh <gkart@amazon.com>

* Adding integration tests for large string RegEx

Signed-off-by: Kartik Ganesh <gkart@amazon.com>

* Spotless

Signed-off-by: Kartik Ganesh <gkart@amazon.com>
@kartg
Updates to the large string reg-ex check (opensearch-project#2814)
8c3e801 
* Updates to the large string reg-ex check

Removed the null-case for IndexSettings since this only occurs in tests. The tests now use a dummy Index Setting.
This change also fixes a bug with the base case handling of max regex length in the check.

Signed-off-by: Kartik Ganesh <gkart@amazon.com>
@kartg kartg requested a review from a team as a code owner April 8, 2022 01:33
@opensearch-ci-bot
Copy link
Collaborator

✅   Gradle Check success 8c3e801
Log 4290

Reports 4290

@tlfeng tlfeng added backport PRs or issues specific to backporting features or enhancments v2.1.0 Issues and PRs related to version 2.1.0 labels Apr 8, 2022
@andrross andrross merged commit 21e3db9 into opensearch-project:2.x Apr 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrross andrross andrross approved these changes

Assignees
No one assigned
Labels
backport PRs or issues specific to backporting features or enhancments v2.1.0 Issues and PRs related to version 2.1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kartg @opensearch-ci-bot @andrross @tlfeng