Sebastian Mendel wrote:
Marc Delisle wrote:
Sebastian,
this part of the patch: /**
- protect against deep recursion attack CVE-2006-1549,
- 1000 seems to be more than enough
- */
+if (count($GLOBALS) > 1000) {
- die('possible deep recurse attack');
+}
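Review bot: the condition `count($GLOBALS) > 1000` counts only the top-level entries of $GLOBALS, so it bounds how many variables exist, not how deeply any one of them is nested, while the comment above it describes a deep recursion guard. A single request parameter with thousands of nested levels adds one entry and passes this check. Suggest rewording the comment to state what the check covers (a large number of top-level variables), keeping the depth limit in the recursive walker, and naming the 1000 threshold as a constant with a note on how it was chosen.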
is not reached when I test the attack of MOPB-02; it's the other part that protects against this attack.
Do you know in which case this code would trigger? In the case of an attempt to override $GLOBALS?
it should trigger if and only if register_globals is on
I cannot make this code trigger when register_globals is on, it's always the protection in PMA_arrayWalkRecursive() that triggers.
I'm attacking with curl http://127.0.0.1/phpmyadmin/ -d a`php -r 'echo str_repeat("[a]",20000);'`=1
do you have some other attack in mind?
Marc
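
An added example, not part of the thread and not phpMyAdmin's code: it contrasts a top-level count check like the one in the quoted patch with a depth counter inside a recursive walker, using arrays constructed for the example. `walkWithDepthLimit()`, `classify()` and the `MAX_DEPTH` value are hypothetical; `PMA_arrayWalkRecursive()` itself is not reproduced here.

```php
<?php
const MAX_TOP_LEVEL = 1000; // threshold taken from the quoted patch
const MAX_DEPTH     = 50;   // assumed nesting limit, chosen for this example

/** Apply $fn to every leaf of $array, refusing to descend past MAX_DEPTH. */
function walkWithDepthLimit(array &$array, callable $fn, int $depth = 1): void
{
    if ($depth > MAX_DEPTH) {
        throw new RuntimeException('input nested deeper than ' . MAX_DEPTH);
    }
    foreach ($array as &$value) {
        if (is_array($value)) {
            walkWithDepthLimit($value, $fn, $depth + 1);
        } else {
            $value = $fn($value);
        }
    }
    unset($value); // drop the dangling reference left by foreach
}

/** Report which of the two guards rejects $input. */
function classify(array $input): array
{
    // count() without COUNT_RECURSIVE sees only the top-level keys.
    $tooWide = count($input) > MAX_TOP_LEVEL;
    $tooDeep = false;
    try {
        walkWithDepthLimit($input, static function ($v) { return $v; });
    } catch (RuntimeException $e) {
        $tooDeep = true;
    }
    return ['too_wide' => $tooWide, 'too_deep' => $tooDeep];
}

// Constructed input 1: one top-level key, nested 200 levels deep.
$deep = ['a' => 1];
for ($i = 0; $i < 200; $i++) {
    $deep = ['a' => $deep];
}

// Constructed input 2: 1001 flat top-level keys, no nesting.
$wide = array_fill_keys(range(0, 1000), '1');

foreach (['deep' => $deep, 'wide' => $wide] as $name => $input) {
    $r = classify($input);
    printf("%s: too_wide=%s too_deep=%s\n", $name,
        var_export($r['too_wide'], true), var_export($r['too_deep'], true));
}
```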