From 99b32717cd2596ce89a2d46b8cb4ddbba2dea5ad Mon Sep 17 00:00:00 2001 From: Chris Cormack Date: Sun, 25 Jun 2017 17:34:12 +1200 Subject: [PATCH] Bug 18854 - Protect from DOS There was a bug that meant a very large offset in the search params will cause the search script to run forever (or long enough to crash the machine) To test 1/ Get ready with sudo top so you can kill the thread before it causes your machine to OOM 2/ Hit a page like yourdomain.com/cgi-bin/koha/opac-search.pl?q=1&offset=-9999999999999999999 3/ Notice the process runs for a long time 4/ Kill the process 5/ Apply the patch 6/ Hit the page again, notice the it loads (offset is set to zero) 7/ Do the same to search in the staff client Signed-off-by: Mirko Tietgen Signed-off-by: Marcel de Rooy Amended: changed -2 to 0 in opac-search.pl. Signed-off-by: Julian Maurice Signed-off-by: Jonathan Druart --- catalogue/search.pl | 1 + opac/opac-search.pl | 1 + 2 files changed, 2 insertions(+) diff --git a/catalogue/search.pl b/catalogue/search.pl index e4ca11aff1..7a8cf126dd 100755 --- a/catalogue/search.pl +++ b/catalogue/search.pl @@ -449,6 +449,7 @@ my $scan = $params->{'scan'}; my $count = C4::Context->preference('numSearchResults') || 20; my $results_per_page = $params->{'count'} || $count; my $offset = $params->{'offset'} || 0; +$offset = 0 if $offset < 0; my $page = $cgi->param('page') || 1; #my $offset = ($page-1)*$results_per_page; my $hits; diff --git a/opac/opac-search.pl b/opac/opac-search.pl index 76b24f3fc7..145673230d 100755 --- a/opac/opac-search.pl +++ b/opac/opac-search.pl @@ -521,6 +521,7 @@ my $count = C4::Context->preference('OPACnumSearchResults') || 20; my $countRSS = C4::Context->preference('numSearchRSSResults') || 50; my $results_per_page = $params->{'count'} || $count; my $offset = $params->{'offset'} || 0; +$offset = 0 if $offset < 0; my $page = $cgi->param('page') || 1; $offset = ($page-1)*$results_per_page if $page>1; my $hits; -- 2.39.5