-
Notifications
You must be signed in to change notification settings - Fork 24.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Limit the depth of nested queries #55303
Labels
>bug
:Search/Search
Search-related issues that do not fall into other categories
Team:Search
Meta label for search team
Comments
jimczi
added
>bug
:Search/Search
Search-related issues that do not fall into other categories
labels
Apr 16, 2020
Pinging @elastic/es-search (:Search/Search) |
Not sure if this solution would work:
|
mayya-sharipova
pushed a commit
that referenced
this issue
Jan 12, 2021
limit the depth of nested bool queries Introduce a new node level setting `indices.query.bool.max_nested_depth` that controls the depth of nested bool queries. Throw an error if a nested depth of a bool query exceeds the maximum allowed nested depth. Closes #55303
9 tasks
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 28, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 28, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 28, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 28, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 28, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Jan 29, 2021
resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to elastic/kibana
that referenced
this issue
Feb 1, 2021
…es (#89345) resolves #88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to pmuellr/kibana
that referenced
this issue
Feb 1, 2021
…es (elastic#89345) resolves elastic#88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
pmuellr
added a commit
to elastic/kibana
that referenced
this issue
Feb 1, 2021
…es (#89345) (#89890) resolves #88367 Prior to this PR, the KQL node_builder code was using recursion to generate "and" & "or" expressions. Eg, `and(foo1=bar1, foo2=bar2, foo3=bar3)` would be generated as if was specified as `and(foo1=bar1, and(foo2=bar2, foo3=bar3))`. Calls to the builder with long lists of expressions would generate nested JSON as deep as the lists are long. This is problematic, as Elasticsearch is changing the default limit on nested bools to 20 levels, and alerting already generates nested bools greater than that limit. See: elastic/elasticsearch#55303 This PR changes the generated shape of above, so that all the nodes are at the same level, instead of the previous "recursive" treatment.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
>bug
:Search/Search
Search-related issues that do not fall into other categories
Team:Search
Meta label for search team
Today we rely on recursion to parse, rewrite and create query builders that contains nested queries. This recursion can lead to stack overflow errors, for instance when dealing with a
bool
query that contains a chain of nestedbool
queries:These queries, usually created by mistake by a script, can have a negative impact on the cluster if they are not detected early.
We should have a mechanism to detect them and throw a comprehensive error when we see one in search or when trying to save a query.
The text was updated successfully, but these errors were encountered: