[aur-dev] [PATCH] aurjson.class.php: Limit number of RPC results
canyonknight at gmail.com
canyonknight at gmail.com
Thu Oct 18 18:41:15 EDT 2012
On Thu, Oct 18, 2012 at 4:52 PM, canyonknight <canyonknight at gmail.com> wrote:
> With no limit to the number of results, memory_limit set to 32M
> can easily be exceeded for searches that have a large number of
> results. This results in an HTTP error 500 for those queries.
>
> Limit results to 5000 packages to avoid exceeding memory_limit.
> Introduce new JSON error code for when the result limit is hit.
>
> Fixes FS#31849
>
> Signed-off-by: canyonknight <canyonknight at gmail.com>
> ---
>
> It doesn't have to be 5000. That's just a safe arbitrary number
> I came up with during testing.
Loui suggested this should be configurable in config.inc.php That
sounds like a good idea, so I'll be re-submitting this one.
>
> web/lib/aurjson.class.php | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
>
> diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
> index fbdc711..5701697 100644
> --- a/web/lib/aurjson.class.php
> +++ b/web/lib/aurjson.class.php
> @@ -149,6 +149,10 @@ class AurJSON {
> }
> }
>
> + if ($resultcount === 5000) {
> + return $this->json_error('Too many package results.');
> + }
> +
> return $this->json_results($type, $resultcount, $search_data);
> }
> else {
> @@ -198,7 +202,8 @@ class AurJSON {
> $keyword_string = $this->dbh->quote("%" . addcslashes($keyword_string, '%_') . "%");
>
> $where_condition = "(Name LIKE {$keyword_string} OR ";
> - $where_condition.= "Description LIKE {$keyword_string})";
> + $where_condition.= "Description LIKE {$keyword_string}) ";
> + $where_condition.= "LIMIT 5000";
>
> return $this->process_query('search', $where_condition);
> }
> @@ -238,17 +243,19 @@ class AurJSON {
> $where_condition = "";
> if ($ids) {
> $ids_value = implode(',', $args['ids']);
> - $where_condition .= "ID IN ({$ids_value})";
> + $where_condition .= "ID IN ({$ids_value}) ";
> }
> if ($ids && $names) {
> - $where_condition .= " OR ";
> + $where_condition .= "OR ";
> }
> if ($names) {
> // individual names were quoted in parse_multiinfo_args()
> $names_value = implode(',', $args['names']);
> - $where_condition .= "Name IN ({$names_value})";
> + $where_condition .= "Name IN ({$names_value}) ";
> }
>
> + $where_condition .= "LIMIT 5000";
> +
> return $this->process_query('multiinfo', $where_condition);
> }
>
> @@ -260,7 +267,8 @@ class AurJSON {
> private function msearch($maintainer) {
> $maintainer = $this->dbh->quote($maintainer);
>
> - $where_condition = "Users.Username = {$maintainer}";
> + $where_condition = "Users.Username = {$maintainer} ";
> + $where_condition .= "LIMIT 5000";
>
> return $this->process_query('msearch', $where_condition);
> }
> --
> 1.7.12.3
>
More information about the aur-dev
mailing list