On Thu, Jan 5, 2012 at 3:01 PM, Stas Malyshev <smalys...@sugarcrm.com> wrote: > Hi! > > >> and different with the fix which was commited now, this patch count >> the num vars in a global scope, that means if there are 2 elements >> which both have 500 elements in post, the restriction will also >> affect, > > > Why? The point of the limitation is to avoid hash collisions and related > performance problems, but if they are in different elements, what is the > point of limiting them? > Hi, this patch is aim at a quick/simple fix than before, that is why I proposal this patch.
actually, there might be no attack even a array has more than 1000 elements, I mean, this is a simple / quick fix but works the same. thanks > > -- > Stanislav Malyshev, Software Architect > SugarCRM: http://www.sugarcrm.com/ > (408)454-6900 ext. 227 -- Laruence Xinchen Hui http://www.laruence.com/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
