[PATCH] pkg_search_page: Limit number of results on package search
foxboron at archlinux.org
foxboron at archlinux.org
Fri Sep 4 07:27:34 UTC 2020
From: Morten Linderud <morten at linderud.pw>
The current package search query is quite poorly optimized and becomes a
resource hog when the offsets gets large enough. This DoSes the service.
A quick fix is to just ensure we have some limit to the number of hits
we return. The current hardcoding of 2500 is based on the following:
* 250 hits pr page max
* 10 pages
We can maybe consider having it lower, but it seems easier to just have
this a multiple of 250 in the first iteration.
Signed-off-by: Morten Linderud <morten at linderud.pw>
---
web/lib/pkgfuncs.inc.php | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index 8c915711..948e716c 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -624,6 +624,10 @@ function pkg_search_page($params, $show_headers=true, $SID="") {
$params['O'] = 0;
}
+ if($params['O'] >= 2500){
+ $params['O'] = 2500;
+ }
+
if (isset($params["PP"])) {
$params["PP"] = bound(intval($params["PP"]), 50, 250);
} else {
@@ -772,6 +776,9 @@ function pkg_search_page($params, $show_headers=true, $SID="") {
if ($result_t) {
$row = $result_t->fetch(PDO::FETCH_NUM);
$total = $row[0];
+ if ($total >= 2500) {
+ $total = 2500;
+ }
}
else {
$total = 0;
--
2.28.0
More information about the aur-dev
mailing list