Sebastian Mendel wrote:
Marc Delisle wrote:
curl http://localhost/phpmyadmin/?`php -r 'for ($i=1; $i < 1000; $i++) {echo "x" . $i . "=a&";}'`
-> URI too long
curl http://localhost/phpmyadmin/?`php -r 'for ($i=1; $i < 1000; $i++) {echo "x" . $i . "=a&";}'`
-> login form
curl http://localhost/phpmyadmin/?`php -r 'for ($i=1; $i < 1000; $i++) {echo "x" . $i . "=1&";}'`
-> URI too long
works for me:
deep_recusrion.php
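<?php
// Show whether register_globals is enabled on this server.
echo 'register_globals: ' . ini_get('register_globals');
echo '<hr />';
// Build a link that sends 1009 query parameters (x1 .. x1009).
echo '<a href="?';
for ($i = 1; $i < 1010; $i++) {
    echo "x" . $i . "=a&";
}
echo '">klick to test protection against 1000+ vars</a>';
echo '<hr />';
// With register_globals on, each parameter becomes a global variable.
if (count($GLOBALS) > 1000) {
    die('deep recursion attack');
}
?>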
I wrote that I was testing an unpatched PMA. I'm not saying that our
"if" does not work, I'm saying that I don't see the goal of checking the
size of $GLOBALS.
Marc