From d683e81e2068da3e54ee7165b3c01d7d46fc2c79 Mon Sep 17 00:00:00 2001 From: Mike Rylander Date: Tue, 21 Feb 2023 16:46:19 -0500 Subject: [PATCH] Malicious search protect release notes Signed-off-by: Mike Rylander Signed-off-by: Jason Boyer --- .../Architecture/Malicious-search-protection.adoc | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc diff --git a/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc b/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc new file mode 100644 index 0000000000..de67f38191 --- /dev/null +++ b/docs/RELEASE_NOTES_NEXT/Architecture/Malicious-search-protection.adoc @@ -0,0 +1,23 @@ +== Malicious Search Protection == + +Evergreen sometimes sees some "novel" query strings in the wild that +cause the search backend to time out or worse. These are sometimes +malicious and sometimes accidental, but the effect on users is the +same. + +The changes here improve query compilation in several respects in order +to reduce the chances of an overly complex query causing problems for +the search subsystem. + +More work is done up front to simplify and combine parts of the +resulting SQL, allowing more work to be done closer to the data. +This change allows Evergreen to handle many more tested or chained +boolean expressions, and negated terms are now handled directly in +line with other adjacent terms. Phrases (exact matches) are now +searched for using Postgres' adjacency tsearch operator. + +All of these changes work together to improve performance by getting +more search work done in fewer database operations while protecting +against certain query constructs that have caused problems in the +past. + -- 2.11.0
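Review bot: In the third paragraph of the new Malicious-search-protection.adoc, "many more tested or chained boolean expressions" looks like a typo for "nested or chained"; as written it reads as if the expressions had been tested, which changes the meaning. The note also leaves "certain query constructs that have caused problems in the past" unspecified and does not say whether the upgrade needs any action from administrators, so a sentence naming the affected constructs in general terms and stating either that no action is required or what the required step is would help sites planning the upgrade. Since phrases are now matched with the Postgres adjacency tsearch operator, it would also be worth stating whether exact-match results can differ from the previous behaviour.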