Bug #24243 | max_questions resourse limit does not have effect on "select * from tbl_name" | ||
---|---|---|---|
Submitted: | 13 Nov 2006 8:51 | Modified: | 15 Nov 2006 18:57 |
Reporter: | Rumen Telbizov | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Documentation | Severity: | S1 (Critical) |
Version: | MySQL 5.0.27, 4.0.27 | OS: | FreeBSD (FreeBSD 6.2 , Linux 2.6 kernel) |
Assigned to: | Paul DuBois | CPU Architecture: | Any |
[13 Nov 2006 8:51]
Rumen Telbizov
[13 Nov 2006 14:37]
Rumen Telbizov
Hi again, Thanks to Nikolay Bachiyski for pointing the following out. It seems that the limit is not taken into account if the query is already in the cache. In this case the result is simply returned to the client and the counter is not checked at all. Is this supposed to be the correct behaviour? Shouldn't it be noted in the documentation? --- quote -- if (query_cache_send_result_to_client(thd, inBuf, length) <= 0) { LEX *lex=lex_start(thd, (uchar*) inBuf, length); if (!yyparse() && ! thd->fatal_error) { if (mqh_used && thd->user_connect && check_mqh(thd, thd->lex.sql_command)) --- quote -- Best regards Rumen Telbizov
[13 Nov 2006 15:17]
Sergei Golubchik
I believe it's the intended behaviour. Note that when a result of a select is taken from the cache, Com_select status variable is not increased either.
[14 Nov 2006 7:13]
Rumen Telbizov
Ok, Still it would be nice have this in the documentation. Just one final thought: Are you sure that 'max_questions' is supposed to limit the number of non-cached queries only? Consider this: A broken script or a malicious user starts issuing the same (cached) query in a loop without sleep or any delay. This still causes some load on the server. If you multiply this by as many processes that this user might spawn and you have a DoS scenario that you cannot limit using the max_questions! Best regards Rumen Telbizov
[14 Nov 2006 9:42]
MySQL Verification Team
Thank you for the bug report.
[15 Nov 2006 18:57]
Paul DuBois
Thank you for your bug report. This issue has been addressed in the documentation. The updated documentation will appear on our website shortly, and will be included in the next release of the relevant products. I've added a note to the sections on user resources and the GRANT statement: Queries for which results are served from the query cache do not count against the MAX_QUERIES_PER_HOUR limit.