archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Improved fix for MOPB-02-2007

Browse source
This commit is contained in:
Ilia Alshanetsky 2007-06-03 16:19:14 +00:00
parent 79e3c88352
commit a8be5f419d
3 changed files with 53 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
NEWS
View file

@ -1,6 +1,7 @@
PHP NEWS PHP NEWS
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2007, PHP 5.2.4 ?? ??? 2007, PHP 5.2.4
- Improved fix for MOPB-02-2007. (Ilia)
- Fixed bug #41518 (file_exists() warns of open_basedir restriction on - Fixed bug #41518 (file_exists() warns of open_basedir restriction on
non-existent file). (Tony) non-existent file). (Tony)
- Fixed bug #39330 (apache2handler does not call shutdown actions before - Fixed bug #39330 (apache2handler does not call shutdown actions before

20
main/php_variables.c
View file

@ -125,8 +125,22 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
int new_idx_len = 0; int new_idx_len = 0;
if(++nest_level > PG(max_input_nesting_level)) { if(++nest_level > PG(max_input_nesting_level)) {
HashTable *ht;
/* too many levels of nesting */ /* too many levels of nesting */
php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level));
if (track_vars_array) {
ht = Z_ARRVAL_P(track_vars_array);
} else if (PG(register_globals)) {
ht = EG(active_symbol_table);
}
zend_hash_del(ht, var, var_len + 1);
zval_dtor(val);
if (!PG(display_errors)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level));
}
return;
} }
ip++; ip++;
@ -142,9 +156,9 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
/* PHP variables cannot contain '[' in their names, so we replace the character with a '_' */ /* PHP variables cannot contain '[' in their names, so we replace the character with a '_' */
*(index_s - 1) = '_'; *(index_s - 1) = '_';
index_len = var_len = 0; index_len = 0;
if (index) { if (index) {
index_len = var_len = strlen(index); index_len = strlen(index);
} }
goto plain_var; goto plain_var;
return; return;

35
tests/basic/027.phpt Normal file
View file

@ -0,0 +1,35 @@
--TEST--
Handling of max_input_nesting_level being reached
--INI--
magic_quotes_gpc=0
always_populate_raw_post_data=0
display_errors=0
max_input_nesting_level=10
track_errors=1
log_errors=0
--SKIPIF--
<?php if (php_sapi_name()=='cli') echo 'skip'; ?>
--POST--
a=1&b=ZYX&c[][][][][][][][][][][][][][][][][][][][][][]=123&d=123&e[][]][]=3
--FILE--
<?php
var_dump($_POST, $php_errormsg);
?>
--EXPECT--
array(4) {
["a"]=>
string(1) "1"
["b"]=>
string(3) "ZYX"
["d"]=>
string(3) "123"
["e"]=>
array(1) {
[0]=>
array(1) {
[0]=>
string(1) "3"
}
}
}
string(124) "Unknown: Input variable nesting level more than allowed 10 (change max_input_nesting_level in php.ini to increase the limit)"