diff options
| author | Ilia Alshanetsky <iliaa@php.net> | 2007-06-03 16:19:14 +0000 |
|---|---|---|
| committer | Ilia Alshanetsky <iliaa@php.net> | 2007-06-03 16:19:14 +0000 |
| commit | a8be5f419d8b724184d258bc8f9ccf4977edcd06 (patch) | |
| tree | a7ebb8a622df2b3b36c5fb4624b1356fada49688 | |
| parent | 79e3c883525b864d8d73d0ce77e1739f588ac100 (diff) | |
| download | php-git-a8be5f419d8b724184d258bc8f9ccf4977edcd06.tar.gz | |
Improved fix for MOPB-02-2007
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | main/php_variables.c | 20 | ||||
| -rw-r--r-- | tests/basic/027.phpt | 35 |
3 files changed, 53 insertions, 3 deletions
@@ -1,6 +1,7 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2007, PHP 5.2.4 +- Improved fix for MOPB-02-2007. (Ilia) - Fixed bug #41518 (file_exists() warns of open_basedir restriction on non-existent file). (Tony) - Fixed bug #39330 (apache2handler does not call shutdown actions before diff --git a/main/php_variables.c b/main/php_variables.c index 0de1bd6574..cd4db41a6e 100644 --- a/main/php_variables.c +++ b/main/php_variables.c @@ -125,8 +125,22 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra int new_idx_len = 0; if(++nest_level > PG(max_input_nesting_level)) { + HashTable *ht; /* too many levels of nesting */ - php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level)); + + if (track_vars_array) { + ht = Z_ARRVAL_P(track_vars_array); + } else if (PG(register_globals)) { + ht = EG(active_symbol_table); + } + + zend_hash_del(ht, var, var_len + 1); + zval_dtor(val); + + if (!PG(display_errors)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level)); + } + return; } ip++; @@ -142,9 +156,9 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra /* PHP variables cannot contain '[' in their names, so we replace the character with a '_' */ *(index_s - 1) = '_'; - index_len = var_len = 0; + index_len = 0; if (index) { - index_len = var_len = strlen(index); + index_len = strlen(index); } goto plain_var; return; diff --git a/tests/basic/027.phpt b/tests/basic/027.phpt new file mode 100644 index 0000000000..18b17bce9b --- /dev/null +++ b/tests/basic/027.phpt @@ -0,0 +1,35 @@ +--TEST-- +Handling of max_input_nesting_level being reached +--INI-- +magic_quotes_gpc=0 +always_populate_raw_post_data=0 +display_errors=0 +max_input_nesting_level=10 +track_errors=1 +log_errors=0 +--SKIPIF-- +<?php if (php_sapi_name()=='cli') echo 'skip'; ?> +--POST-- +a=1&b=ZYX&c[][][][][][][][][][][][][][][][][][][][][][]=123&d=123&e[][]][]=3 +--FILE-- +<?php +var_dump($_POST, $php_errormsg); +?> +--EXPECT-- +array(4) { + ["a"]=> + string(1) "1" + ["b"]=> + string(3) "ZYX" + ["d"]=> + string(3) "123" + ["e"]=> + array(1) { + [0]=> + array(1) { + [0]=> + string(1) "3" + } + } +} +string(124) "Unknown: Input variable nesting level more than allowed 10 (change max_input_nesting_level in php.ini to increase the limit)" |