]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65f3544)
limit nesting level of input variables
authorStanislav Malyshev <stas@php.net>
Fri, 2 Mar 2007 22:04:46 +0000 (22:04 +0000)
committerStanislav Malyshev <stas@php.net>
Fri, 2 Mar 2007 22:04:46 +0000 (22:04 +0000)
main/main.c patch | blob | history
main/php_globals.h patch | blob | history
main/php_variables.c patch | blob | history

diff --git a/main/main.c b/main/main.c
index 283bda1e5c44cf3cc982a4e1e1d1443ff6f09f52..1af4b17142032f823765cb250e03a878f94484de 100644 (file)
--- a/main/main.c
+++ b/main/main.c
@@ -402,6 +402,7 @@ PHP_INI_BEGIN()
        STD_PHP_INI_ENTRY("upload_max_filesize",        "2M",           PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLong,                   upload_max_filesize,    php_core_globals,       core_globals)
        STD_PHP_INI_ENTRY("post_max_size",                      "8M",           PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLong,                   post_max_size,                  sapi_globals_struct,sapi_globals)
        STD_PHP_INI_ENTRY("upload_tmp_dir",                     NULL,           PHP_INI_SYSTEM,         OnUpdateStringUnempty,  upload_tmp_dir,                 php_core_globals,       core_globals)
+       STD_PHP_INI_ENTRY("max_input_nesting_level", "64",              PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateLongGEZero,     max_input_nesting_level,                        php_core_globals,       core_globals)
 
        STD_PHP_INI_ENTRY("user_dir",                           NULL,           PHP_INI_SYSTEM,         OnUpdateString,                 user_dir,                               php_core_globals,       core_globals)
        STD_PHP_INI_ENTRY("variables_order",            "EGPCS",        PHP_INI_SYSTEM|PHP_INI_PERDIR,          OnUpdateStringUnempty,  variables_order,                php_core_globals,       core_globals)
diff --git a/main/php_globals.h b/main/php_globals.h
index 65a093478edd22ffe28813288b9bed5709a298da..04da9289c23438edbe321f57fa5b6ca25eaaf9b4 100644 (file)
--- a/main/php_globals.h
+++ b/main/php_globals.h
@@ -141,6 +141,7 @@ struct _php_core_globals {
 #ifdef PHP_WIN32
        zend_bool com_initialized;
 #endif
+       long max_input_nesting_level;
 };
 
 
diff --git a/main/php_variables.c b/main/php_variables.c
index 91884769f772abfafb9a1541b2f50b788c2d27fc..81e0501fdbe6f03a32d0b83619ff319bef03047c 100644 (file)
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -127,10 +127,16 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
        index_len = var_len;
 
        if (is_array) {
+               int nest_level = 0;
                while (1) {
                        char *index_s;
                        int new_idx_len = 0;
 
+                       if(++nest_level > PG(max_input_nesting_level)) {
+                               /* too many levels of nesting */
+                               php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variable nesting level more than allowed %d (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level));
+                       }
+
                        ip++;
                        index_s = ip;
                        if (isspace(*ip)) {
Unnamed repository; edit this file 'description' to name the repository.