# This patch fixes a denial-of-service problem in the 2.0.7 server.
# Unless this patch is applied, a user that isn't logged in can
# cause the server to examine all texts in a single request.  This
# will cause the server to grow and not do anything else while it
# is processing the request.  When the DoS was found on LysLysKOM, 
# the lyskomd process became 827 MB and it took something like 15
# minutes before the server became responsive again.
#
# Everybody is encouraged to apply this patch, recompile, and restart
# the server.
#
# Thanks to Calle Dybedahl who accidentally found the problem and
# promptly informed me about it.
#
#    /ceder, 2003-05-10
diff -x *.o -x *.Po -u -r lyskom-server-2.0.7-orig/src/server/text.c lyskom-server-2.0.7/src/server/text.c
--- lyskom-server-2.0.7-orig/src/server/text.c	Sat May 10 12:14:14 2003
+++ lyskom-server-2.0.7/src/server/text.c	Sat May 10 12:15:20 2003
@@ -2379,6 +2379,7 @@
      */
 
     CHK_CONNECTION(FAILURE);
+    CHK_LOGIN(FAILURE);
     while (lower < higher)
     {
 	middle = (lower + higher)/2 + 1; /* Binary search */
@@ -2422,6 +2423,7 @@
     Text_stat *text_s;
 
     CHK_CONNECTION(FAILURE);
+    CHK_LOGIN(FAILURE);
     err_stat = start;
     while (++start < highest)
     {
@@ -2452,6 +2454,7 @@
     const Text_no saved_start = start;
     
     CHK_CONNECTION(FAILURE);
+    CHK_LOGIN(FAILURE);
     
     if (start >(next_tno = query_next_text_num()))
 	start = next_tno;
diff -x *.o -x *.Po -u -r lyskom-server-2.0.7-orig/src/server/testsuite/lyskomd.0/01.exp lyskom-server-2.0.7/src/server/testsuite/lyskomd.0/01.exp
--- lyskom-server-2.0.7-orig/src/server/testsuite/lyskomd.0/01.exp	Sat May 10 12:14:17 2003
+++ lyskom-server-2.0.7/src/server/testsuite/lyskomd.0/01.exp	Sat May 10 12:44:23 2003
@@ -243,20 +243,20 @@
 simple_expect "%1069 6 0" "set-user-area"
 # 58:get-last-text
 send "1070 58 0 0 12 1 0 90 0 0 0\n"
-simple_expect "=1070 0" "get-last-text"
+simple_expect "%1070 6 0" "get-last-text"
 # 59:create-anonymous-text-old
 send "1071 59 [holl "anon-txt"] 1 { 0 2 }\n"
 simple_expect "%1071 6 0" "create-anonymous-text-old"
 # 60:find-next-text-no
 send "1072 60 0\n"
-simple_expect "%1072 14 0" "find-next-text-no"
+simple_expect "%1072 6 0" "find-next-text-no"
 send "1073 60 1\n"
-simple_expect "%1073 14 1" "find-next-text-no"
+simple_expect "%1073 6 0" "find-next-text-no"
 send "1074 60 3\n"
-simple_expect "%1074 14 3" "find-next-text-no"
+simple_expect "%1074 6 0" "find-next-text-no"
 # 61:find-previous-text-no
 send "1075 61 18\n"
-simple_expect "%1075 14 18" "find-previous-text-no"
+simple_expect "%1075 6 0" "find-previous-text-no"
 # 62:login
 send "1076 62 0 [holl "broken"] 1\n"
 simple_expect "%1076 8 0" "login"