From 88b441f69a0efce44d4b13c4cda6437a2a4c6498 Mon Sep 17 00:00:00 2001
From: Roan Kattouw <catrope@users.mediawiki.org>
Date: Tue, 15 Jan 2008 21:09:44 +0000
Subject: [PATCH] Limiting image history listings to 500 for now. A hard-coded
 limit sucks, but an alternative isn't really available as the File handling
 code doesn't allow it (see also bug 12645). Besides, very few image histories
 are that long.

---
 includes/api/ApiQueryImageInfo.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/includes/api/ApiQueryImageInfo.php b/includes/api/ApiQueryImageInfo.php
index 7e7abeb6bd..778c5c694a 100644
--- a/includes/api/ApiQueryImageInfo.php
+++ b/includes/api/ApiQueryImageInfo.php
@@ -68,7 +68,13 @@ class ApiQueryImageInfo extends ApiQueryBase {
 					$repository = $img->getRepoName();
 
 					$isCur = true;
+					$count = 0;
 					while($line = $img->nextHistoryLine()) { // assignment
+						# FIXME: Limiting to 500 because it's unlimited right now
+						#	 500+ image histories are scarce, but this has DoS potential
+						#	 FileRepo.php should be fixed
+						if($count++ == 500)
+							break;
 						$row = get_object_vars( $line );
 						$vals = array();
 						$prefix = $isCur ? 'img' : 'oi';
-- 
2.20.1