-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Queryable Encryption
-
Server Security
-
Fully Compatible
-
v8.0
-
Security 2024-07-22
FLE2 range compaction involves inserting some number of "padding" documents to the ESC to reduce the leakage profile of the real anchor documents inserted. This number is calculated using the formula:
size_t numPads = std::ceil(anchorPaddingFactor * ((pathLength * uniqueLeaves) - uniqueTokens));
where anchorPaddingFactor is a double between 0.0 and 1.0, and pathLength, uniqueLeaves, and uniqueTokens are unsigned 64-bit integers.
uniqueTokens is expected to be always greater than or equal to uniqueLeaves. If pathLength is made small enough (by increasing the trimFactor, for example), then it is possible for the term ((pathLength * uniqueLeaves) - uniqueTokens) to underflow, and therefore for numPads to wind up having an absurdly large value. Consequently, that will result in a massive number of insertions to the ESC.