
Dropping unused allocations when query is cancelled #21887

Draft
harshavamsi wants to merge 1 commit into opensearch-project:main from harshavamsi:fix/groupby-export-leak-guard

@harshavamsi
Contributor

Description

[Describe what this change achieves]

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

Check List

  • Functionality includes testing.
  • API changes companion pull request created, if applicable.
  • Public documentation issue/PR created, if applicable.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

Signed-off-by: Harsha Vamsi Kalluri <harshavamsi096@gmail.com>
@github-actions
Contributor

PR Code Analyzer ❗

AI-powered 'Code-Diff-Analyzer' found issues on commit d7c32f4.

| Path | Line | Severity | Description |
| --- | --- | --- | --- |
| sandbox/plugins/analytics-backend-datafusion/src/main/java/org/opensearch/be/datafusion/DataFusionPlugin.java | 211 | medium | DATAFUSION_MAX_QUERY_EXPORT_FRACTION is declared Dynamic, meaning it can be changed cluster-wide at runtime without a node restart. A privileged attacker (or compromised admin account) could set this fraction near 0 to cause all queries to be rejected immediately, effectively denying all data access across the cluster without touching other settings. The legitimate purpose (scaling with pool size) does not require Dynamic scope. |
| sandbox/plugins/analytics-backend-datafusion/rust/src/api.rs | 956 | low | The ResourcesExhausted error message returned to callers reveals exact internal memory configuration values (projected byte count and the resolved cap derived from pool.query.max × fraction). While not directly exploitable, this leaks memory sizing details that could assist an attacker in probing pool boundaries or tuning exfiltration batch sizes to stay below the cap. |

The table above displays the top 10 most important findings.

Total: 2 | Critical: 0 | High: 0 | Medium: 1 | Low: 1


Pull Requests Author(s): Please update your Pull Request according to the report above.

Repository Maintainer(s): You can bypass diff analyzer by adding label skip-diff-analyzer after reviewing the changes carefully, then re-run failed actions. To re-enable the analyzer, remove the label, then re-run all actions.


⚠️ Note: The Code-Diff-Analyzer helps protect against potentially harmful code patterns. Please ensure you have thoroughly reviewed the changes beforehand.

Thanks.
