Re: "WHERE 1 = 2 OR ..." makes planner choose a very inefficient plan

Поиск
Список
Период
Сортировка
От Claudio Freire
Тема Re: "WHERE 1 = 2 OR ..." makes planner choose a very inefficient plan
Дата
Msg-id CAGTBQpZ6D8YSyM8V5KFmKZyM5F_psPe8hA5hNDDx-nMOdK9jmQ@mail.gmail.com
обсуждение исходный текст
Ответ на Re: "WHERE 1 = 2 OR ..." makes planner choose a very inefficient plan  (Simon Riggs <simon@2ndQuadrant.com>)
Список pgsql-performance
Дерево обсуждения 
On Thu, May 2, 2013 at 9:48 AM, Simon Riggs <simon@2ndquadrant.com> wrote:
>>> SELECT count(k0.id)
>>> FROM k0
>>> WHERE 1 = 2
>>>     OR k0.id IN (
>>>         SELECT k1.k0_id
>>>         FROM k1
>>>         WHERE k1.k1k2_id IN (
>>>                 SELECT k2.k1k2_id
>>>                 FROM k2
>>>                 WHERE k2.t = 2
>>>                     AND (coalesce(k2.z, '')) LIKE '%12%'
>>>                 )
>>>         );
>>
...
>
> The situation shown could be the result of SQL injection attack.
>
> It would be nice to have a switch to do additional checks on SQL
> queries to ensure such injections don't cause long runtimes to return
> useless answers.

How could that be the case without becoming much much worse than large runtimes?

I don't think it's the place of the database to worry about SQL injection.

В списке pgsql-performance по дате отправления:

Предыдущее
От: Simon Riggs
Дата:
Сообщение: Re: "WHERE 1 = 2 OR ..." makes planner choose a very inefficient plan
Следующее
От: mark.kirkwood@catalyst.net.nz
Дата:
Сообщение: Re: In progress INSERT wrecks plans on table