[aur-dev] [PATCH] Add hard limit for the length of dependency lists
Lukas Fleischer
lfleischer at archlinux.org
Thu Apr 28 17:28:23 UTC 2016
Introduce a configuration option max_depends which can be used to
specify a maximum number of (reverse) dependencies to display on the
package details pages.
Fixes FS#49059.
Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
---
conf/config.proto | 1 +
web/lib/pkgfuncs.inc.php | 10 ++++++----
web/template/pkg_details.php | 5 +++--
3 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/conf/config.proto b/conf/config.proto
index 560c705..64af774 100644
--- a/conf/config.proto
+++ b/conf/config.proto
@@ -21,6 +21,7 @@ aur_location = https://aur.archlinux.org
git_clone_uri_anon = https://aur.archlinux.org/%s.git
git_clone_uri_priv = ssh://aur@aur.archlinux.org/%s.git
max_rpc_results = 5000
+max_depends = 1000
aur_request_ml = aur-requests at archlinux.org
request_idle_time = 1209600
auto_orphan_age = 15552000
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index eaea318..4b0fdba 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -230,10 +230,11 @@ function pkg_providers($name) {
* Get package dependencies for a specific package
*
* @param int $pkgid The package to get dependencies for
+ * @param int $limit An upper bound for the number of packages to retrieve
*
* @return array All package dependencies for the package
*/
-function pkg_dependencies($pkgid) {
+function pkg_dependencies($pkgid, $limit) {
$deps = array();
$pkgid = intval($pkgid);
if ($pkgid > 0) {
@@ -243,7 +244,7 @@ function pkg_dependencies($pkgid) {
$q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) = p.Name ";
$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
$q.= "WHERE pd.PackageID = ". $pkgid . " ";
- $q.= "ORDER BY pd.DepName";
+ $q.= "ORDER BY pd.DepName LIMIT " . intval($limit);
$result = $dbh->query($q);
if (!$result) {
return array();
@@ -505,10 +506,11 @@ function pkg_source_link($url, $arch) {
*
* @param string $name The package name for the dependency search
* @param array $provides A list of virtual provisions of the package
+ * @param int $limit An upper bound for the number of packages to retrieve
*
* @return array All packages that depend on the specified package name
*/
-function pkg_required($name="", $provides) {
+function pkg_required($name="", $provides, $limit) {
$deps = array();
if ($name != "") {
$dbh = DB::connect();
@@ -523,7 +525,7 @@ function pkg_required($name="", $provides) {
$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
$q.= "WHERE pd.DepName IN (" . $name_list . ") ";
$q.= "OR SUBSTRING(pd.DepName FROM 1 FOR POSITION(': ' IN pd.DepName) - 1) IN (" . $name_list . ") ";
- $q.= "ORDER BY p.Name";
+ $q.= "ORDER BY p.Name LIMIT " . intval($limit);
$result = $dbh->query($q);
if (!$result) {return array();}
while ($row = $result->fetch(PDO::FETCH_NUM)) {
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
index 8b038b9..b9c66d4 100644
--- a/web/template/pkg_details.php
+++ b/web/template/pkg_details.php
@@ -5,6 +5,7 @@ $log_uri = sprintf(config_get('options', 'log_uri'), urlencode($row['BaseName'])
$snapshot_uri = sprintf(config_get('options', 'snapshot_uri'), urlencode($row['BaseName']));
$git_clone_uri_anon = sprintf(config_get('options', 'git_clone_uri_anon'), htmlspecialchars($row['BaseName']));
$git_clone_uri_priv = sprintf(config_get('options', 'git_clone_uri_priv'), htmlspecialchars($row['BaseName']));
+$max_depends = config_get_int('options', 'max_depends');
$uid = uid_from_sid($SID);
@@ -40,7 +41,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($
$lics = pkg_licenses($row["ID"]);
$grps = pkg_groups($row["ID"]);
-$deps = pkg_dependencies($row["ID"]);
+$deps = pkg_dependencies($row["ID"], $max_depends);
usort($deps, function($x, $y) {
if ($x[1] != $y[1]) {
@@ -82,7 +83,7 @@ foreach ($rels as $rel) {
}
}
-$requiredby = pkg_required($row["Name"], $rels_p);
+$requiredby = pkg_required($row["Name"], $rels_p, $max_depends);
# $sources[0] = 'src';
$sources = pkg_sources($row["ID"]);
--
2.8.0
More information about the aur-dev
mailing list