Re: Query generates infinite loop
| От | Tom Lane |
|---|---|
| Тема | Re: Query generates infinite loop |
| Дата | |
| Msg-id | 2842828.1650474225@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Query generates infinite loop (Pavel Stehule <pavel.stehule@gmail.com>) |
| Ответы |
Re: Query generates infinite loop
|
| Список | pgsql-bugs |
Pavel Stehule <pavel.stehule@gmail.com> writes:
> st 20. 4. 2022 v 18:42 odesílatel Richard Wesley <richard@duckdblabs.com>
> napsal:
>> select COUNT(*) FROM generate_series('-infinity'::TIMESTAMP, 'epoch'::TIMESTAMP, INTERVAL '1 DAY');
>>
>> This seems like a DoS great attack, so we are disallowing infinities as
>> bounds for both table and scalar series generation. As an upper bound, it
>> eventually gives an error, so it seems there is not much utility anyway.
> There are more ways to achieve the same effect. The protection is safe
> setting of temp_file_limit
Well, there are any number of ways to DOS a database you can issue
arbitrary queries to. For instance, cross joining a number of very
large tables. So I'm not excited about that aspect of it. Still,
it's true that infinities as generate_series endpoints are going
to work pretty oddly, so I agree with the idea of forbidding 'em.
Numeric has infinity as of late, so the numeric variant would
need to do this too.
I think we can allow infinity as the step, though.
regards, tom lane
В списке pgsql-bugs по дате отправления: