Description
Currently the inputs to DATE_RANGE* functions are not validated, this means that very massive arrays can be generated.
From brief empirical testing I can see that sometimes an internal server error is thrown - I am not sure under which circumstances this occurs.
In extreme situations running the query actually causes the query engine to panic, which would affect all queries running.
Below is a simple (but contrived) example:
SELECT DATE_RANGE_STR("2016-02-07", "3200-02-07", 'second')
|
{
|
"requestID": "0eb70e2f-2ad3-4628-8353-b6cf2349956b",
|
"clientContextID": "84d7faac-75ef-43c2-9620-2b4e88c6b0cf",
|
"signature": {
|
"$1": "array"
|
},
|
"results": [
|
],
|
"errors": [
|
{
|
"code": 5001,
|
"msg": "Panic: runtime error: makeslice: cap out of range - cause: runtime error: makeslice: cap out of range"
|
}
|
],
|
"status": "stopped",
|
"metrics": {
|
"elapsedTime": "863.384µs",
|
"executionTime": "831.093µs",
|
"resultCount": 0,
|
"resultSize": 0,
|
"errorCount": 1
|
}
|
}
|
It is important that we protect customers from causing this to happen to them, particularly as sometimes they may not be able to directly validate the inputs to the N1QL functions themselves.
Logs: