From patchwork Sat Sep 5 13:48:24 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lukas Fleischer
X-Patchwork-Id: 1773
From: Lukas Fleischer
To: aur-dev@archlinux.org
Cc: Morten Linderud
Subject: [PATCH v2] pkg_search_page: Limit number of results on package search
Date: Sat, 5 Sep 2020 09:48:24 -0400
Message-Id: <20200905134824.110020-1-lfleischer@archlinux.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20200904072734.2720507-1-foxboron@archlinux.org>
References: <20200904072734.2720507-1-foxboron@archlinux.org>
List-Id: "Arch User Repository \(AUR\) Development"

From: Morten Linderud The current package search query is quite poorly optimized and becomes a resource hog when the offsets gets large enough. This DoSes the service. A quick fix is to just ensure we have some limit to the number of hits we return. The current hardcoding of 2500 is based on the following: * 250 hits per page max * 10 pages We can maybe consider having it lower, but it seems easier to just have this a multiple of 250 in the first iteration. Signed-off-by: Morten Linderud Signed-off-by: Lukas Fleischer --- web/lib/pkgfuncs.inc.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 8c91571..8075800 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -619,7 +619,7 @@ function pkg_search_page($params, $show_headers=true, $SID="") { /* Sanitize paging variables. */ if (isset($params['O'])) { - $params['O'] = max(intval($params['O']), 0); + $params['O'] = bound(intval($params['O']), 0, 2500); } else { $params['O'] = 0; } @@ -771,9 +771,8 @@ function pkg_search_page($params, $show_headers=true, $SID="") { $result_t = $dbh->query($q_total); if ($result_t) { $row = $result_t->fetch(PDO::FETCH_NUM); - $total = $row[0]; - } - else { + $total = min($row[0], 2500); + } else { $total = 0; }
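
Review bot: In the hunk at @@ -619, the upper bound of 2500 on `$params['O']` still admits a request that starts at offset 2500, which at 250 hits per page is an eleventh page, while the commit message describes a cap of 10 pages; the last permitted offset should be 2500 minus the page size (2250 at 250 per page). Also, `bound()` is not a PHP built-in and this patch does not define it, so please confirm the helper is already available to web/lib/pkgfuncs.inc.php; otherwise every search that sets `O` ends in a fatal error.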
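
Review bot: In the hunk at @@ -771, the literal 2500 in `min($row[0], 2500)` duplicates the one used to bound `$params['O']` in the earlier hunk, so the two limits can drift apart silently; a single named constant or configuration option used in both places would prevent that. Note also that `$q_total` is still executed unchanged, so this line only clamps the reported total after the count has run and does not reduce the cost of the count query itself. The `} else {` brace reflow is an unrelated style change and would be cleaner in a separate commit.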