https://bugzilla.wikimedia.org/show_bug.cgi?id=71486
Kevin Israel (PleaseStand) <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #12 from Kevin Israel (PleaseStand) <[email protected]> --- (In reply to Ori Livneh from comment #11) > It's not good to segfault on user input, so there is still a bit of work to > do before we mark this resolved. I think the sanest approach would be (b) > (cf comment 6). From the user's perspective the only thing that would change > would be the phrasing of the error message we present. A depth limit on serialize() wouldn't completely fix the problem though. Try something like this and you will get a segfault in both PHP and HHVM: $a = null; for ( $i = 0; $i < 100000; ++$i ) { $a = (object)array( $a ); } $a = null; In the above example, the segfault happens on the last line, when the objects are recursively destroyed and the stack overflows. So I think (d) should be considered. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
