Skip to content

Fix WITHSCORES search response parsing#561

Open
slorello89 wants to merge 1 commit intomainfrom
fix/issue-310-queryflags-withscores
Open

Fix WITHSCORES search response parsing#561
slorello89 wants to merge 1 commit intomainfrom
fix/issue-310-queryflags-withscores

Conversation

@slorello89
Copy link
Member

@slorello89 slorello89 commented Mar 18, 2026
edited by cursor bot
Loading

Issue #310

Search response parsing assumed FT.SEARCH replies were always id plus field payload pairs. WITHSCORES inserts a scalar score after each document id, which broke parsing and could trigger duplicate-key failures.

Fix:

  • Skip scalar metadata entries between the document id and the field payload.
  • Apply the same parsing logic to raw, typed, and primitive search responses.
  • Add regression tests for duplicate and distinct scores.

Tests:

  • dotnet test test/Redis.OM.Unit.Tests/Redis.OM.Unit.Tests.csproj --filter SearchResponseTests
  • dotnet test test/Redis.OM.Unit.Tests/Redis.OM.Unit.Tests.csproj --filter FullyQualifiedName~Redis.OM.Unit.Tests.RediSearchTests.SearchTests

Risk:

  • Scoped to FT.SEARCH reply parsing. No public API changes.

Note

Medium Risk
Adjusts core FT.SEARCH reply parsing to skip scalar metadata entries (e.g., scores), which can affect how documents are materialized across typed and primitive search responses if the index-walking logic is wrong.

Overview
Fixes FT.SEARCH response parsing when WITHSCORES is used by skipping scalar metadata entries between a document id and its field payload, instead of assuming strict id, payload pairs.

Applies the same index-scanning logic to SearchResponse, SearchResponse<T> (typed hash mapping), and primitive responses, and adds regression tests covering both duplicate and distinct scores to ensure document ids and fields are parsed correctly.

Written by Cursor Bugbot for commit cd9aabf. This will update automatically on new commits. Configure here.

@jit-ci
Copy link

jit-ci bot commented Mar 18, 2026

🛡️ Jit Security Scan Results

CRITICAL HIGH MEDIUM

✅ No security findings were detected in this PR

Security scan by Jit

cursor[bot]
cursor bot reviewed Mar 18, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

src/Redis.OM/Searching/SearchResponse.cs
}

return startIndex;
}
Copy link

@cursor cursor bot Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicated GetDocumentIndex risks inconsistent future fixes

Low Severity

GetDocumentIndex is defined identically as private static in both SearchResponse and SearchResponse<T> within the same file. If a bug is later found in this heuristic (e.g., handling a new metadata format), only one copy might get patched. Since both classes live in the same file, this could be a single internal static method on one class referenced by the other, or extracted to a small shared helper.

Additional Locations (1)
Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@slorello89