Address review feedback: add validation guards and pushDownFilter test

- Add pushDownFilter() unit test asserting knn stays in bool.must
  (scoring) and WHERE predicate goes to bool.filter (non-scoring)
- Add option key allowlist (k, max_distance, min_score) to reject
  unknown/unsupported keys before they reach DSL generation
- Add field name validation to reject characters that could corrupt
  the WrapperQueryBuilder JSON (allows alphanumeric, dots, underscores,
  hyphens)
- Add named-arg type guard to reject non-NamedArgumentExpression args
  early with a clear error message

Signed-off-by: Eric Wei <mengwei.eric@gmail.com>

Author: mengweieric

opensearch/src/main/java/org/opensearch/sql/opensearch/storage/VectorSearchTableFunctionImplementation.java

@@ -13,6 +13,8 @@
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 import org.opensearch.sql.common.setting.Settings;
 import org.opensearch.sql.data.model.ExprValue;
@@ -31,6 +33,15 @@
 public class VectorSearchTableFunctionImplementation extends FunctionExpression
     implements TableFunctionImplementation {
 
+  /** P0 allowed option keys. Rejects unknown/future keys to prevent unvalidated DSL injection. */
+  static final Set<String> ALLOWED_OPTION_KEYS = Set.of("k", "max_distance", "min_score");
+
+  /**
+   * Field names must be safe for JSON interpolation: alphanumeric, dots (nested), underscores,
+   * hyphens. Rejects characters that could corrupt the WrapperQueryBuilder JSON.
+   */
+  private static final Pattern SAFE_FIELD_NAME = Pattern.compile("^[a-zA-Z0-9._\\-]+$");
+
   private final FunctionName functionName;
   private final List<Expression> arguments;
   private final OpenSearchClient client;
@@ -75,8 +86,10 @@ public String toString() {
 
   @Override
   public Table applyArguments() {
+    validateNamedArgs();
     String tableName = getArgumentValue(TABLE);
     String fieldName = getArgumentValue(FIELD);
+    validateFieldName(fieldName);
     String vectorLiteral = getArgumentValue(VECTOR);
     String optionStr = getArgumentValue(OPTION);
 
@@ -108,7 +121,40 @@ static Map<String, String> parseOptions(String optionStr) {
     return options;
   }
 
+  /** Reject non-named arguments early. vectorSearch() requires named args (key=value). */
+  private void validateNamedArgs() {
+    for (Expression arg : arguments) {
+      if (!(arg instanceof NamedArgumentExpression)) {
+        throw new ExpressionEvaluationException(
+            "vectorSearch() requires named arguments (e.g., table='index'), "
+                + "but received: "
+                + arg.getClass().getSimpleName());
+      }
+    }
+  }
+
+  /**
+   * Reject field names with characters that could corrupt the WrapperQueryBuilder JSON. Allows
+   * alphanumeric, dots (nested fields), underscores, and hyphens.
+   */
+  private void validateFieldName(String fieldName) {
+    if (!SAFE_FIELD_NAME.matcher(fieldName).matches()) {
+      throw new ExpressionEvaluationException(
+          String.format(
+              "Invalid field name '%s': must contain only alphanumeric characters,"
+                  + " dots, underscores, or hyphens",
+              fieldName));
+    }
+  }
+
   private void validateOptions(Map<String, String> options) {
+    // Reject unknown option keys — only P0 keys are allowed
+    for (String key : options.keySet()) {
+      if (!ALLOWED_OPTION_KEYS.contains(key)) {
+        throw new ExpressionEvaluationException(
+            String.format("Unknown option key '%s'. Supported keys: %s", key, ALLOWED_OPTION_KEYS));
+      }
+    }
     boolean hasK = options.containsKey("k");
     boolean hasMaxDistance = options.containsKey("max_distance");
     boolean hasMinScore = options.containsKey("min_score");

opensearch/src/test/java/org/opensearch/sql/opensearch/storage/VectorSearchTableFunctionImplementationTest.java

@@ -78,11 +78,13 @@ void testApplyArgumentsWithUnbracketedVector() {
   }
 
   @Test
-  void testApplyArgumentsWithComplexOptions() {
+  void testUnknownOptionKeyThrows() {
     VectorSearchTableFunctionImplementation impl =
         createImplWithArgs("my-index", "embedding", "[1.0, 2.0]", "k=10,method.ef_search=100");
-    Table table = impl.applyArguments();
-    assertTrue(table instanceof VectorSearchIndex);
+    ExpressionEvaluationException ex =
+        assertThrows(ExpressionEvaluationException.class, () -> impl.applyArguments());
+    assertTrue(ex.getMessage().contains("Unknown option key"));
+    assertTrue(ex.getMessage().contains("method.ef_search"));
   }
 
   @Test
@@ -104,18 +106,18 @@ void testApplyArgumentsWithMinScore() {
   @Test
   void testMissingSearchModeOptionThrows() {
     VectorSearchTableFunctionImplementation impl =
-        createImplWithArgs("my-index", "embedding", "[1.0, 2.0]", "method.ef_search=100");
+        createImplWithArgs("my-index", "embedding", "[1.0, 2.0]", "not_a_key=100");
     ExpressionEvaluationException ex =
         assertThrows(ExpressionEvaluationException.class, () -> impl.applyArguments());
-    assertTrue(ex.getMessage().contains("one of k, max_distance, or min_score"));
+    assertTrue(ex.getMessage().contains("Unknown option key"));
   }
 
   @Test
   void testParseOptionsMultiple() {
     Map<String, String> opts =
-        VectorSearchTableFunctionImplementation.parseOptions("k=5,method.ef_search=100");
+        VectorSearchTableFunctionImplementation.parseOptions("k=5,max_distance=10.0");
     assertEquals("5", opts.get("k"));
-    assertEquals("100", opts.get("method.ef_search"));
+    assertEquals("10.0", opts.get("max_distance"));
   }
 
   @Test
@@ -133,6 +135,34 @@ void testMissingArgumentThrows() {
     assertEquals("Missing required argument: option", ex.getMessage());
   }
 
+  @Test
+  void testInvalidFieldNameThrows() {
+    VectorSearchTableFunctionImplementation impl =
+        createImplWithArgs("my-index", "field\"injection", "[1.0, 2.0]", "k=5");
+    ExpressionEvaluationException ex =
+        assertThrows(ExpressionEvaluationException.class, () -> impl.applyArguments());
+    assertTrue(ex.getMessage().contains("Invalid field name"));
+  }
+
+  @Test
+  void testNestedFieldNameAllowed() {
+    VectorSearchTableFunctionImplementation impl =
+        createImplWithArgs("my-index", "doc.embedding", "[1.0, 2.0]", "k=5");
+    Table table = impl.applyArguments();
+    assertTrue(table instanceof VectorSearchIndex);
+  }
+
+  @Test
+  void testNonNamedArgThrows() {
+    FunctionName functionName = FunctionName.of("vectorsearch");
+    List<Expression> args = List.of(DSL.literal("my-index"));
+    VectorSearchTableFunctionImplementation impl =
+        new VectorSearchTableFunctionImplementation(functionName, args, client, settings);
+    ExpressionEvaluationException ex =
+        assertThrows(ExpressionEvaluationException.class, () -> impl.applyArguments());
+    assertTrue(ex.getMessage().contains("requires named arguments"));
+  }
+
   private VectorSearchTableFunctionImplementation createImpl() {
     return createImplWithArgs("my-index", "embedding", "[1.0, 2.0, 3.0]", "k=5");
   }

opensearch/src/test/java/org/opensearch/sql/opensearch/storage/scan/VectorSearchQueryBuilderTest.java

@@ -5,22 +5,30 @@
 
 package org.opensearch.sql.opensearch.storage.scan;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.Mockito.mock;
+import static org.opensearch.sql.data.type.ExprCoreType.STRING;
 
+import java.util.Collections;
 import org.junit.jupiter.api.Test;
+import org.opensearch.index.query.BoolQueryBuilder;
 import org.opensearch.index.query.QueryBuilder;
 import org.opensearch.index.query.WrapperQueryBuilder;
 import org.opensearch.sql.common.setting.Settings;
+import org.opensearch.sql.expression.DSL;
+import org.opensearch.sql.expression.ReferenceExpression;
 import org.opensearch.sql.opensearch.data.value.OpenSearchExprValueFactory;
 import org.opensearch.sql.opensearch.request.OpenSearchRequestBuilder;
+import org.opensearch.sql.planner.logical.LogicalFilter;
+import org.opensearch.sql.planner.logical.LogicalValues;
 
 class VectorSearchQueryBuilderTest {
 
   @Test
   void knnQuerySetAsScoringQuery() {
     var requestBuilder = createRequestBuilder();
-    var knnQuery = new WrapperQueryBuilder("eyJrbm4iOnt9fQ==");
+    var knnQuery = new WrapperQueryBuilder("{\"knn\":{}}");
 
     new VectorSearchQueryBuilder(requestBuilder, knnQuery);
 
@@ -31,16 +39,27 @@ void knnQuerySetAsScoringQuery() {
   }
 
   @Test
-  void knnQueryNotWrappedInFilterWhenNoWhere() {
+  void pushDownFilterKeepsKnnInScoringContext() {
     var requestBuilder = createRequestBuilder();
-    var knnQuery = new WrapperQueryBuilder("eyJrbm4iOnt9fQ==");
+    var knnQuery = new WrapperQueryBuilder("{\"knn\":{}}");
+    var builder = new VectorSearchQueryBuilder(requestBuilder, knnQuery);
 
-    new VectorSearchQueryBuilder(requestBuilder, knnQuery);
+    // Simulate WHERE name = 'John'
+    var condition = DSL.equal(new ReferenceExpression("name", STRING), DSL.literal("John"));
+    var dummyChild = new LogicalValues(Collections.emptyList());
+    var filter = new LogicalFilter(dummyChild, condition);
 
-    QueryBuilder query = requestBuilder.getSourceBuilder().query();
+    boolean pushed = builder.pushDownFilter(filter);
+
+    assertTrue(pushed, "pushDownFilter should succeed");
+    QueryBuilder resultQuery = requestBuilder.getSourceBuilder().query();
+    assertTrue(resultQuery instanceof BoolQueryBuilder, "Result should be a BoolQuery");
+    BoolQueryBuilder boolQuery = (BoolQueryBuilder) resultQuery;
+    assertEquals(1, boolQuery.must().size(), "knn query should be in must (scoring context)");
+    assertEquals(1, boolQuery.filter().size(), "WHERE predicate should be in filter (non-scoring)");
     assertTrue(
-        query instanceof WrapperQueryBuilder,
-        "Without WHERE clause, knn query should NOT be wrapped in bool.filter");
+        boolQuery.must().get(0) instanceof WrapperQueryBuilder,
+        "must clause should contain the original knn WrapperQueryBuilder");
   }
 
   private OpenSearchRequestBuilder createRequestBuilder() {