Method for monitoring and controlling the processing of database searches

US 8,234,290 B2
Filed: 10/31/2008
Issued: 07/31/2012
Est. Priority Date: 10/31/2008
Status: Active Grant

First Claim

Patent Images

1. A method for preventing misuse of database searches, the method comprising:

receiving a regular expression in a search and error handling thread of an application process running on a processor, wherein the regular expression includes one or more tokens and one or more quantifiers;

searching a database to find one or more input character strings that match the regular expression, wherein a duration of the searching scales greater than linearly with a size of an input character string in order to guarantee a determination of whether an input character string matches the regular expression including the quantifiers;

tracking, within the search and error handling thread, a computational effort of searching for matches to the regular expression, wherein the tracking of the computational effort occurs during the searching of the database to find the one or more input character strings that match the regular expression;

comparing the computational effort to a threshold value; and

performing an internal exit in the search and error handling thread when the computational effort exceeds the threshold value prior to completion of the searching of the database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and apparatus for preventing misuse of searches of a database system are provided. This prevention of misuse of database searches can enable reliable operation of the database system, as an improper query using a regular expression will not shut down or severely affect an application process that provides access to the database system. A thread of the application process determines whether an input character string matches the regular expression. To prevent misuse, a computational effort of the search is tracked, and compared to a threshold value. When the threshold is exceeded, an operation of the thread is exited or stopped.

10 Citations

View as Search Results

20 Claims

1. A method for preventing misuse of database searches, the method comprising:
- receiving a regular expression in a search and error handling thread of an application process running on a processor, wherein the regular expression includes one or more tokens and one or more quantifiers;
  
  searching a database to find one or more input character strings that match the regular expression, wherein a duration of the searching scales greater than linearly with a size of an input character string in order to guarantee a determination of whether an input character string matches the regular expression including the quantifiers;
  
  tracking, within the search and error handling thread, a computational effort of searching for matches to the regular expression, wherein the tracking of the computational effort occurs during the searching of the database to find the one or more input character strings that match the regular expression;
  
  comparing the computational effort to a threshold value; and
  
  performing an internal exit in the search and error handling thread when the computational effort exceeds the threshold value prior to completion of the searching of the database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein tracking a computational effort includes counting a number of operations performed during the search, and wherein the internal exit is performed when the number of operations exceeds the threshold value.
  - 3. The method of claim 2, wherein the number of operations is a number of accesses to an input character string.
  - 4. The method of claim 2, wherein the number of operations is a number of times that the regular expression has been accessed.
  - 5. The method of claim 1, wherein the searching uses backtracking.
  - 6. The method of claim 1, wherein the internal exit is from a routine of the search and error handling thread that performs the searching of the database.
  - 7. The method of claim 1, wherein the search and error handling thread is encoded in Java.
  - 8. The method of claim 1, wherein the internal exit is from a loop that is performing a determination of whether a particular input character string matches the regular expression.
  - 9. The method of claim 8, further comprising stopping the searching the database to find an input character string that matches the received regular expression as a result of the internal exit.

10. A database system comprising:
- a processor;
  
  an input interface for receiving a regular expression from a user;
  
  logic that runs a search and error handling thread of an application process on the processor, wherein the search and error handling thread is configured to;
  
  receive the regular expression, wherein the regular expression includes one or more tokens and one or more quantifiers;
  
  search a database of the database system to find one or more input character strings that match the regular expression, wherein a duration of the searching scales greater than linearly with a size of an input character string in order to guarantee a determination of whether an input character string matches the regular expression including the quantifiers;
  
  tracking, within the search and error handling thread, a computational effort of searching for matches to the regular expression wherein the tracking of the computational effort occurs during the searching of the database to find the one or more input character strings that match the regular expression;
  
  compare the computational effort to a threshold value; and
  
  stopping the determination of whether an input character string matches the regular expression when the computational effort exceeds the threshold value prior to completion of the searching of the database.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The database system of claim 10, wherein the entire search of the database is stopped for the received regular expression.
  - 12. The database system of claim 10, wherein the stopping is accomplished by an internal exit in the search and error handling thread when the computational effort exceeds the threshold value.
  - 13. The database system of claim 12, wherein the internal exit is from a loop that is performing a determination of whether a particular input character string matches the regular expression.
  - 14. The database system of claim 13, further comprising stopping the searching the database to find an input character string that matches the received regular expression as a result of the internal exit.
  - 15. The database system of claim 12, wherein the internal exit is from a routine of the search and error handling thread that performs the searching of the database.
  - 16. The database system of claim 10, wherein tracking a computational effort includes counting a number of operations performed during the search, and wherein the internal exit is performed when the number of operations exceeds the threshold value.
  - 17. The database system of claim 16, wherein the number of operations is a number of accesses to an input character string.

18. A computer program product comprising a computer readable storage medium encoded with a plurality of instructions for controlling a computing system to perform an operation for preventing misuse of database searches, the instructions comprising:
- receiving a regular expression in a search and error handling thread of an application process, wherein the regular expression includes one or more tokens and one or more quantifiers;
  
  searching a database to find one or more input character strings that match the regular expression, wherein a duration of the searching scales greater than linearly with a size of an input character string in order to guarantee a determination of whether an input character string matches the regular expression including the quantifiers;
  
  tracking, within the search and error handling thread, a computational effort of searching for matches to the regular expression wherein the tracking of the computational effort occurs during the searching of the database to find the one or more input character strings that match the regular expression;
  
  comparing the computational effort to a threshold value; and
  
  performing an internal exit in the search and error handling thread when the computational effort exceeds the threshold value prior to completion of the searching of the database.
- View Dependent Claims (19, 20)
- - 19. The computer program product of claim 18, wherein tracking a computational effort includes counting a number of operations performed during the search, and wherein the internal exit is performed when the number of operations exceeds the threshold value.
  - 20. The computer program product of claim 18, wherein the internal exit is from a loop that is performing a determination of whether a particular input character string matches the regular expression.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Tamm, Steven, Hofhansi, Lars
Primary Examiner(s)
Choi, Yuk Ting

Application Number

US12/262,744
Publication Number

US 20100114912A1
Time in Patent Office

1,369 Days
Field of Search

None
US Class Current

707/758
CPC Class Codes

G06F 16/2453 Query optimisation

Method for monitoring and controlling the processing of database searches

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method for monitoring and controlling the processing of database searches

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links