Sebastian Mendel a écrit : > Marc Delisle schrieb: >> Sebastian, >> >> this part of the patch: >> /** >> + * protect against deep recursion attack CVE-2006-1549, >> + * 1000 seems to be more than enough >> + * >> + * @see http://www.php-security.org/MOPB/MOPB-02-2007.html >> + * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549 >> + */ >> +if (count($GLOBALS) > 1000) { >> + die('possible deep recurse attack'); >> +} >> >> is not reached when I test the attack of MOPB-02, it's the other >> part that protects for this attack. >> >> Do you know in which case this code would trigger? In the case of an >> attempt to override $GLOBALS? > it should trigger if and only if register_globals is on I cannot make this code trigger when register_globals is on, it's always the protection in PMA_arrayWalkRecursive() that triggers. I'm attacking with curl http://127.0.0.1/phpmyadmin/ -d a`php -r 'echo str_repeat("[a]",20000);'`=1 do you have some other attack in mind?