diff options
Diffstat (limited to 'main/php/max_input_vars.patch')
-rw-r--r-- | main/php/max_input_vars.patch | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/main/php/max_input_vars.patch b/main/php/max_input_vars.patch deleted file mode 100644 index 8366a3dd6..000000000 --- a/main/php/max_input_vars.patch +++ /dev/null @@ -1,63 +0,0 @@ -Index: PHP_5_3/NEWS -=================================================================== ---- PHP_5_3/NEWS (revision 321037) -+++ PHP_5_3/NEWS (revision 321038) -@@ -2,6 +2,10 @@ - ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| - ?? ??? 2011, PHP 5.3.9 - -+- Core: -+ . Added max_input_vars directive to prevent attacks based on hash collisions -+ (Dmitry). -+ - - Streams: - . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together - with the last read). (Gustavo) -Index: PHP_5_3/main/php_variables.c -=================================================================== ---- PHP_5_3/main/php_variables.c (revision 321037) -+++ PHP_5_3/main/php_variables.c (revision 321038) -@@ -191,6 +191,9 @@ - } - if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE - || Z_TYPE_PP(gpc_element_p) != IS_ARRAY) { -+ if (zend_hash_num_elements(symtable1) >= PG(max_input_vars)) { -+ php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars)); -+ } - MAKE_STD_ZVAL(gpc_element); - array_init(gpc_element); - zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); -@@ -236,6 +239,9 @@ - zend_symtable_exists(symtable1, escaped_index, index_len + 1)) { - zval_ptr_dtor(&gpc_element); - } else { -+ if (zend_hash_num_elements(symtable1) >= PG(max_input_vars)) { -+ php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variables exceeded %ld. To increase the limit change max_input_vars in php.ini.", PG(max_input_vars)); -+ } - zend_symtable_update(symtable1, escaped_index, index_len + 1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p); - } - if (escaped_index != index) { -Index: PHP_5_3/main/main.c -=================================================================== ---- PHP_5_3/main/main.c (revision 321037) -+++ PHP_5_3/main/main.c (revision 321038) -@@ -512,6 +512,7 @@ - STD_PHP_INI_ENTRY("post_max_size", "8M", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLong, post_max_size, sapi_globals_struct,sapi_globals) - STD_PHP_INI_ENTRY("upload_tmp_dir", NULL, PHP_INI_SYSTEM, OnUpdateStringUnempty, upload_tmp_dir, php_core_globals, core_globals) - STD_PHP_INI_ENTRY("max_input_nesting_level", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_nesting_level, php_core_globals, core_globals) -+ STD_PHP_INI_ENTRY("max_input_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateLongGEZero, max_input_vars, php_core_globals, core_globals) - - STD_PHP_INI_ENTRY("user_dir", NULL, PHP_INI_SYSTEM, OnUpdateString, user_dir, php_core_globals, core_globals) - STD_PHP_INI_ENTRY("variables_order", "EGPCS", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateStringUnempty, variables_order, php_core_globals, core_globals) ---- ./main/php_globals.h.orig -+++ ./main/php_globals.h -@@ -170,6 +170,9 @@ - char *mail_log; - - zend_bool in_error_log; -+ -+ long max_input_vars; -+ - }; - - |