influxdata · davidby-influx · Oct 27, 2021 · Oct 25, 2021 · Oct 26, 2021 · Oct 26, 2021
diff --git a/tsdb/store.go b/tsdb/store.go
@@ -1654,6 +1654,9 @@ func (s *Store) TagKeys(ctx context.Context, auth query.FineAuthorizer, shardIDs
  if err != nil {
  return nil, err
  }
+ if err = isBadQuoteTagValueClause(filterExpr); err != nil {
+ return nil, err
+ }
 
  // Get all the shards we're interested in.
  is := IndexSet{Indexes: make([]Index, 0, len(shardIDs))}
@@ -1822,6 +1825,31 @@ func isTagKeyClause(e influxql.Expr) (bool, error) {
  return false, nil
 }
 
+func isBadQuoteTagValueClause(e influxql.Expr) error {
+ switch e := e.(type) {
+ case *influxql.BinaryExpr:
+ switch e.Op {
+ case influxql.EQ, influxql.NEQ:
+ _, lOk := e.LHS.(*influxql.VarRef)
+ _, rOk := e.RHS.(*influxql.VarRef)
+ if lOk && rOk {
+ return fmt.Errorf("bad WHERE clause for metaquery; one term must be a string literal tag value within single quotes: %s", e.String())
+ }
+ case influxql.OR, influxql.AND:
+ if err := isBadQuoteTagValueClause(e.LHS); err != nil {
+ return err
+ } else if err = isBadQuoteTagValueClause(e.RHS); err != nil {
+ return err
+ } else {
+ return nil
+ }
+ }
+ case *influxql.ParenExpr:
+ return isBadQuoteTagValueClause(e.Expr)
+ }
+ return nil
+}
+
 // TagValues returns the tag keys and values for the provided shards, where the
 // tag values satisfy the provided condition.
 func (s *Store) TagValues(ctx context.Context, auth query.FineAuthorizer, shardIDs []uint64, cond influxql.Expr) ([]TagValues, error) {
@@ -1856,7 +1884,9 @@ func (s *Store) TagValues(ctx context.Context, auth query.FineAuthorizer, shardI
  if err != nil {
  return nil, err
  }
-
+ if err = isBadQuoteTagValueClause(filterExpr); err != nil {
+ return nil, err
+ }
  // Build index set to work on.
  is := IndexSet{Indexes: make([]Index, 0, len(shardIDs))}
  s.mu.RLock()