On Sat, Sep 30, 2023, at 10:18 AM, Niels Dossche wrote: > Hi internals > > I'm looking to address https://bugs.php.net/bug.php?id=71571. > TL;DR: XSL has a maximum recursion depth, and it may even depend on the > distro/OS config. > For complex inputs you may reach this limit, but PHP offers no way to > change that limit. > > As we already have methods in XSLTProcessor to configure certain things > (e.g. setProfiling, setSecurityPrefs), it may be an idea to add > `setMaxDepth(int $depth)` or something alike. > > Unfortunately, XSLTProcessor is non-final, so if a user class extends > this class and coincidentally already has a method with the same name > but incompatible signature, then they would get a compile error. > > What do you think? > > Kind regards > Niels
In context, I cannot imagine why someone would have a setMaxDepth() method with that name, since, AIUI, they wouldn't be able to actually set the max depth. So I think the chances of there being a conflict are extremely remote, and an acceptable risk. This could be verified by doing a "top packages" scan using Nikita's script, which is probably a good step anyway. --Larry Garfield -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: https://www.php.net/unsub.php
