…8537) Currently the RPM table is being generated by initializing the RPM db with all packages, or a single package by name with query context. I've changed this table to start using `rpmdbSetIteratorRE` with string compare, by iterating through all values given in query context, and adding those regex patterns to the RPM iterator selector. RPM API `rpmdbSetIteratorRE`: https://ftp.osuosl.org/pub/rpm/api/4.4.2.2/group__rpmdb.html#g9f84dbc47d1d432f4ffe83b713fb47c9 This allows the table to generate results with all values from query context at once. I've confirmed that the columns can support these changes by querying the tables with an IN constraint on the optimized columns. I validated the expected results by comparing returned values from osquery 5.13.1 (before IN optimization existed), 5.14.1, and 5.14.1 containing these spec file changes. With each query I included a NULL, '' (empty string), and some non-existent values in my IN constraint. Tests were ran on CentOS Linux release 7.9.2009 (Core)
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4