From: Eric Wong <e@80x24.org>
Date: Sun, 22 May 2016 20:44:34 +0000 (+0000)
Subject: www: avoid warnings on bad offsets for Xapian
X-Git-Tag: v1.0.0~506
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ab19b9e259dfef9eb78a8efc42ef2453126417b;p=thirdparty%2Fpublic-inbox.git

www: avoid warnings on bad offsets for Xapian

The offset argument must be an integer for Xapian,
however users (or bots) type the darndest things.

AFAIK this has no security implications besides triggering
a warning (which could lead to out-of-space-errors)
---

diff --git a/lib/PublicInbox/SearchView.pm b/lib/PublicInbox/SearchView.pm
index c0cd1ffd6..e3dc22f7a 100644
--- a/lib/PublicInbox/SearchView.pm
+++ b/lib/PublicInbox/SearchView.pm
@@ -263,10 +263,11 @@ use PublicInbox::Hval;
 sub new {
 	my ($class, $cgi) = @_;
 	my $r = $cgi->param('r');
+	my ($off) = (($cgi->param('o') || '0') =~ /(\d+)/);
 	bless {
 		q => $cgi->param('q'),
 		x => $cgi->param('x') || '',
-		o => int($cgi->param('o') || 0) || 0,
+		o => $off,
 		r => (defined $r && $r ne '0'),
 	}, $class;
 }
diff --git a/lib/PublicInbox/View.pm b/lib/PublicInbox/View.pm
index 21949812d..43609914c 100644
--- a/lib/PublicInbox/View.pm
+++ b/lib/PublicInbox/View.pm
@@ -840,13 +840,12 @@ sub emit_topics {
 
 sub emit_index_topics {
 	my ($state) = @_;
-	my $off = $state->{ctx}->{cgi}->param('o');
-	$off = 0 unless defined $off;
+	my ($off) = (($state->{ctx}->{cgi}->param('o') || '0') =~ /(\d+)/);
 	$state->{order} = [];
 	$state->{subjs} = {};
 	$state->{latest} = {};
 	my $max = 25;
-	my %opts = ( offset => int $off, limit => $max * 4 );
+	my %opts = ( offset => $off, limit => $max * 4 );
 	while (scalar @{$state->{order}} < $max) {
 		my $sres = $state->{srch}->query('', \%opts);
 		my $nr = scalar @{$sres->{msgs}} or last;