jitendrakr88 commented on PR #15498: URL: https://github.com/apache/pinot/pull/15498#issuecomment-2790748196
> Does it work if we simply trim off the white space and optional `;` at the end of the query and then perform the regex match? We don't want to bring back the vulnerability of code injection. I'm not able to find the context, but that is the reason why we force `OPTION` to be the last part of the query Yeah, I think that should work. As long as we avoid excessive backtracking on large SQL queries, the runtime should remain reasonable. Thanks @ankitsultana and @Jackie-Jiang for review. Let me get back on this. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
