Details
- Applies to
- 1.9.3, 1.9.4
- Purpose
Disable Wildcard- & Regex Searches, also needs >2 chars
- Description
A wildcard search like e* (or a similar regex) can lead to some higher and unwanted memory and cpu usage
Patch
1 --- /home2/moin/MoinMoin/action/fullsearch.py 2012-02-07 21:48:50.000000000 +0100
2 +++ fullsearch.py 2012-03-19 21:17:45.000000000 +0100
3 @@ -162,9 +162,9 @@
4
5 # check for sensible search term
6 stripped = needle.strip()
7 - if len(stripped) == 0:
8 - request.theme.add_msg(_('Please use a more selective search term instead '
9 - 'of {{{"%s"}}}', wiki=True) % wikiutil.escape(needle), "error")
10 + lstripped = stripped.lower()
11 + if (len(lstripped) < 3) or ('regex:' in lstripped) or ('r:' in lstripped) or ('*' in lstripped):
12 + request.theme.add_msg(_('Please use a more selective search term instead of {{{"%s"}}}', wiki=True) % wikiutil.escape(needle), "error")
13 Page(request, pagename).send_page()
14 return
15 needle = stripped
This solution is not 100% bulletproof and also disable maybe some wanted functionality, but it helps me to prevent some stupid user inputs.
Discussion
See the Bug Repport MoinMoinBugs/DisadvantageousSearchLeadsToHighMemoryUsage
Plan
- Priority:
- Assigned to:
- Status: