From aabf001232fc46ee04cecb3a43fe8c0366a091df Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Wed, 5 Jul 2017 10:44:55 -0300 Subject: [PATCH] Bug 18854: Make sure offset will not be < 0 - protect from DoS There was a bug that meant a very large offset in the search params will cause the search script to run forever (or long enough to crash the machine) To test 1/ Get ready with sudo top so you can kill the thread before it causes your machine to OOM 2/ Hit a page like yourdomain.com/cgi-bin/koha/opac-search.pl?q=1&offset=-9999999999999999999 3/ Notice the process runs for a long time 4/ Kill the process 5/ Apply the patch 6/ Hit the page again, notice the it loads (offset is set to zero) 7/ Do the same to search in the staff client Signed-off-by: Tomas Cohen Arazi Signed-off-by: Julian Maurice Signed-off-by: Marcel de Rooy Signed-off-by: Jonathan Druart
---
 C4/Search.pm | 1 + Koha/SearchEngine/Elasticsearch/Search.pm | 1 + 2 files changed, 2 insertions(+)
diff --git a/C4/Search.pm b/C4/Search.pm
index 37dfb2cd6c..fa920cfbca 100644
--- a/C4/Search.pm
+++ b/C4/Search.pm
@@ -332,6 +332,7 @@ sub getRecords {
 my @servers = @$servers_ref;
 my @sort_by = @$sort_by_ref;
+ $offset = 0 if $offset < 0;
 # Initialize variables for the ZOOM connection and results object
 my $zconn;
diff --git a/Koha/SearchEngine/Elasticsearch/Search.pm b/Koha/SearchEngine/Elasticsearch/Search.pm
index 26bc4fc3c1..9f0e2a5991 100644
--- a/Koha/SearchEngine/Elasticsearch/Search.pm
+++ b/Koha/SearchEngine/Elasticsearch/Search.pm
@@ -149,6 +149,7 @@ sub search_compat {
 ) = @_;
 my %options;
 $options{offset} = $offset;
+ $offset = 0 if $offset < 0;
 $options{expanded_facet} = $expanded_facet;
 my $results = $self->search($query, undef, $results_per_page, %options);
-- 2.39.5
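Review bot: In `getRecords` the new guard `$offset = 0 if $offset < 0;` only covers negative numbers, so an undefined or non-numeric `offset` still reaches the numeric comparison (and may raise a warning), and a very large positive value passes through unchanged even though the commit message describes the problem as a very large offset. If no caller validates the request parameter first, which is not visible in this hunk, consider normalising it in one step, for example `$offset = 0 unless defined $offset && $offset =~ /\A\d+\z/;`, and bounding it against the hit count once that is known. A short comment such as `# offset comes from the request; clamp before paging` would record why the line exists. The body of `getRecords` continues outside the hunk.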
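Review bot: In `search_compat` the clamp is added one line too late: `$options{offset} = $offset;` has already copied the unchecked value, so a negative offset is still what `$self->search(...)` receives through `%options`. Move the guard above the assignment, `$offset = 0 if $offset < 0;` followed by `$options{offset} = $offset;`, or clamp in place with `$options{offset} = $offset < 0 ? 0 : $offset;`. Whether `$offset` is read again later in `search_compat` is not visible here, because the function continues past the hunk.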