Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add validation for reranker processor parameters #555

Closed
martin-gaievski opened this issue Jan 24, 2024 · 5 comments
Closed

Add validation for reranker processor parameters #555

martin-gaievski opened this issue Jan 24, 2024 · 5 comments
Labels
Enhancements Increases software capabilities beyond original client specifications v2.12.0 Issues targeting release v2.12.0

Comments

@martin-gaievski
Copy link
Member

For the reranker processor, there are no checks of number of context fields user can define for the processor when:

  • defining processor as part of the search pipeline
  • using query_text_path as part of search request

This brings risks of system instability in case very long string is passed in any of those two places.

I suggest we use some limit on number of fields for document_fields, let's start from 50 but that number is discussible. For the query_text_path we can limit the max level of nested field to not exceed one that set by index.mapping.depth.limit setting.
@martin-gaievski martin-gaievski added Enhancements Increases software capabilities beyond original client specifications untriaged labels Jan 24, 2024
@martin-gaievski
Copy link
Member Author

@HenryL27 please check this request

@HenryL27
Copy link
Contributor

ack

@HenryL27
Copy link
Contributor

any other instabilities?

@martin-gaievski
Copy link
Member Author

any other instabilities?

not as of now, but let's keep this issue open, I may add more stuff in coming days. this is based on a feedback I'm getting from security reviews

@HenryL27
Copy link
Contributor

HenryL27 commented Jan 25, 2024
edited
Loading

k. for now making a setting for RERANKER_MAX_DOC_FIELDS ("plugins.neural_search.reranker_max_document_fields")

@HenryL27 HenryL27 mentioned this issue Jan 26, 2024
Merged
5 tasks
@martin-gaievski martin-gaievski added v2.12.0 Issues targeting release v2.12.0 and removed untriaged labels Feb 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancements Increases software capabilities beyond original client specifications v2.12.0 Issues targeting release v2.12.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@HenryL27 @martin-gaievski