external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

pkg_search_page: Limit number of results on package search

Browse source 
The current package search query is quite poorly optimized and becomes a
resource hog when the offsets gets large enough. This DoSes the service.

A quick fix is to just ensure we have some limit to the number of hits
we return. The current hardcoding of 2500 is based on the following:

    * 250 hits per page max
    * 10 pages

We can maybe consider having it lower, but it seems easier to just have
this a multiple of 250 in the first iteration.

Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Morten Linderud 2020-09-04 09:27:34 +02:00 committed by Lukas Fleischer
parent c4f4ac510b
commit 613364b773
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
web/lib/pkgfuncs.inc.php
View file

@ -619,7 +619,7 @@ function pkg_search_page($params, $show_headers=true, $SID="") {
/* Sanitize paging variables. */ /* Sanitize paging variables. */
if (isset($params['O'])) { if (isset($params['O'])) {
$params['O'] = max(intval($params['O']), 0); $params['O'] = bound(intval($params['O']), 0, 2500);
} else { } else {
$params['O'] = 0; $params['O'] = 0;
} }
@ -771,9 +771,8 @@ function pkg_search_page($params, $show_headers=true, $SID="") {
$result_t = $dbh->query($q_total); $result_t = $dbh->query($q_total);
if ($result_t) { if ($result_t) {
$row = $result_t->fetch(PDO::FETCH_NUM); $row = $result_t->fetch(PDO::FETCH_NUM);
$total = $row[0]; $total = min($row[0], 2500);
} } else {
else {
$total = 0; $total = 0;
} }