stas Fri Mar 2 22:04:46 2007 UTC
Modified files:
/php-src/main main.c php_globals.h php_variables.c
Log:
limit nesting level of input variables
http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.722&r2=1.723&diff_format=u
Index: php-src/main/main.c
diff -u php-src/main/main.c:1.722 php-src/main/main.c:1.723
--- php-src/main/main.c:1.722 Sat Feb 3 14:57:24 2007
+++ php-src/main/main.c Fri Mar 2 22:04:46 2007
@@ -18,7 +18,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: main.c,v 1.722 2007/02/03 14:57:24 helly Exp $ */
+/* $Id: main.c,v 1.723 2007/03/02 22:04:46 stas Exp $ */
/* {{{ includes
*/
@@ -402,6 +402,7 @@
STD_PHP_INI_ENTRY("upload_max_filesize", "2M",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong,
upload_max_filesize, php_core_globals, core_globals)
STD_PHP_INI_ENTRY("post_max_size", "8M",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong,
post_max_size, sapi_globals_struct,sapi_globals)
STD_PHP_INI_ENTRY("upload_tmp_dir", NULL,
PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir,
php_core_globals, core_globals)
+ STD_PHP_INI_ENTRY("max_input_nesting_level", "64",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero,
max_input_nesting_level, php_core_globals,
core_globals)
STD_PHP_INI_ENTRY("user_dir", NULL,
PHP_INI_SYSTEM, OnUpdateString, user_dir,
php_core_globals, core_globals)
STD_PHP_INI_ENTRY("variables_order", "EGPCS",
PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateStringUnempty,
variables_order, php_core_globals, core_globals)
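Review bot: The new `max_input_nesting_level` entry is validated with `OnUpdateLongGEZero`, which by its name admits 0, yet the check this commit adds in php_variables.c is `++nest_level > PG(max_input_nesting_level)`, so a value of 0 would reject every array-style input variable rather than switch the limit off. Either use a validator that requires at least 1 or give 0 an explicit meaning in the check, and state the choice in the php.ini documentation. The entry is also `PHP_INI_PERDIR`, so per-directory configuration can raise a limit whose purpose is to bound work done on request input; confirm that is intended. The ini table starts and ends outside this hunk.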
http://cvs.php.net/viewvc.cgi/php-src/main/php_globals.h?r1=1.110&r2=1.111&diff_format=u
Index: php-src/main/php_globals.h
diff -u php-src/main/php_globals.h:1.110 php-src/main/php_globals.h:1.111
--- php-src/main/php_globals.h:1.110 Wed Jan 24 21:43:47 2007
+++ php-src/main/php_globals.h Fri Mar 2 22:04:46 2007
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_globals.h,v 1.110 2007/01/24 21:43:47 pollita Exp $ */
+/* $Id: php_globals.h,v 1.111 2007/03/02 22:04:46 stas Exp $ */
#ifndef PHP_GLOBALS_H
#define PHP_GLOBALS_H
@@ -141,6 +141,7 @@
#ifdef PHP_WIN32
zend_bool com_initialized;
#endif
+ long max_input_nesting_level;
};
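Review bot: The new field `max_input_nesting_level` carries no comment saying what it bounds, and it is a `long` while the counter compared against it in php_variables.c is an `int`. I would document it on the declaration, for example `long max_input_nesting_level; /* max depth of [] nesting accepted when parsing input variable names */`. The struct's opening lies outside this hunk.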
http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.136&r2=1.137&diff_format=u
Index: php-src/main/php_variables.c
diff -u php-src/main/php_variables.c:1.136 php-src/main/php_variables.c:1.137
--- php-src/main/php_variables.c:1.136 Mon Jan 1 09:29:35 2007
+++ php-src/main/php_variables.c Fri Mar 2 22:04:46 2007
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: php_variables.c,v 1.136 2007/01/01 09:29:35 sebastian Exp $ */
+/* $Id: php_variables.c,v 1.137 2007/03/02 22:04:46 stas Exp $ */
#include <stdio.h>
#include "php.h"
@@ -127,10 +127,16 @@
index_len = var_len;
if (is_array) {
+ int nest_level = 0;
while (1) {
char *index_s;
int new_idx_len = 0;
+ if(++nest_level > PG(max_input_nesting_level)) {
+ /* too many levels of nesting */
+ php_error_docref(NULL TSRMLS_CC, E_ERROR,
"Input variable nesting level more than allowed %d (change
max_input_nesting_level in php.ini to increase the limit)",
PG(max_input_nesting_level));
+ }
+
ip++;
index_s = ip;
if (isspace(*ip)) {
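Review bot: The message passed to `php_error_docref` formats `PG(max_input_nesting_level)` with `%d`, but php_globals.h in this same commit declares that field as `long`, so specifier and argument disagree wherever `long` is wider than `int`; use `%ld`. The limit is also reported as `E_ERROR`, and nothing in the visible lines leaves the `while (1)` loop after the call, so if `php_error_docref` can return at this point parsing simply continues past the limit. Consider reporting at a non-fatal level, discarding the variable and returning explicitly, so an over-nested request parameter is dropped rather than relied on to abort the request. The loop body and the enclosing function continue outside the hunk.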