[Phpmyadmin-devel] MOPB-02-2007 deep recursion,

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Thu Mar 1 19:25:02 CET 2007


Sebastian Mendel wrote:
> Marc Delisle wrote:
> 
>> Ok, if you want to commit to trunk, I'll test here. Then we'll probably 
>> release 2.10.0.2.
> 
> I have committed to trunk
> 
> 
>> Now, what do we do with
>> http://sourceforge.net/tracker/index.php?func=detail&aid=1647030&group_id=23067&atid=377408
>>
>> they want security fixes published as patches. It's more work for us, 
>> but I can understand distro maintainers.
> 
> I have created this patch and attached it to the bug report
> 
> 

Sebastian,

this part of the patch:
  /**
+ * protect against deep recursion attack CVE-2006-1549,
+ * 1000 seems to be more than enough
+ *
+ * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
+ * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
+ */
+if (count($GLOBALS) > 1000) {
+    die('possible deep recurse attack');
+}
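Review bot: the guard in this hunk bounds the size of the global symbol table, not recursion depth. count($GLOBALS) grows with the number of global variables, so one variable holding a single, deeply nested value never pushes it past 1000, which is consistent with the observation below that the MOPB-02 test is stopped by the other part of the patch and never reaches this code. The docblock should say exactly which scenario this check is meant to catch and why 1000 is the threshold, rather than "1000 seems to be more than enough"; if no concrete scenario can be named, the check and its CVE reference are better dropped than left as a misleading safeguard. Minor: the message in die('possible deep recurse attack') should read "recursion".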

is not reached when I test the MOPB-02 attack; it's the other part 
that protects against this attack.

Do you know in which case this code would trigger? In the case of an 
attempt to override $GLOBALS?

Marc
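To illustrate the question raised above, here is an added example that is not part of this thread and not phpMyAdmin code. It builds a deeply nested array in a single global and shows that count($GLOBALS) stays small regardless of nesting depth, then applies a depth check that walks the structure with an explicit stack so the check itself cannot exhaust the interpreter's call stack. The function names build_nested and nesting_depth_exceeds are hypothetical, the nested input is constructed for the demonstration, and the code assumes PHP 7.1 or later for array destructuring.

```php
<?php
// Added example, not phpMyAdmin code: contrasts the size of the global
// symbol table with the nesting depth of a single value.

// Build a nested array of the requested depth without recursion
// (constructed test input for this example).
function build_nested(int $depth): array
{
    $value = [];
    for ($i = 0; $i < $depth; $i++) {
        $value = [$value];
    }
    return $value;
}

// Report whether any path through $data is nested more than $limit levels.
// An explicit stack replaces recursion, so hostile input cannot overflow the
// call stack of the check itself; the walk stops as soon as the limit is hit.
function nesting_depth_exceeds(array $data, int $limit): bool
{
    $stack = [[$data, 1]];           // pairs of (node, depth of that node)
    while ($stack) {
        [$node, $depth] = array_pop($stack);
        if ($depth > $limit) {
            return true;
        }
        foreach ($node as $child) {
            if (is_array($child)) {
                $stack[] = [$child, $depth + 1];
            }
        }
    }
    return false;
}

// One global variable, thousands of levels deep: count($GLOBALS) only
// counts top-level entries, so a guard on it never sees the nesting.
$deep = build_nested(5000);
echo 'count($GLOBALS) = ' . count($GLOBALS) . "\n";

// A depth-based guard does see it; a shallow structure passes.
var_dump(nesting_depth_exceeds($deep, 1000));
var_dump(nesting_depth_exceeds([[1, 2], [3]], 1000));
```

Run it with the PHP CLI; the point to take from the output is that the first number stays in the low tens whatever depth is passed to build_nested, while the depth check reacts to the nesting itself. A guard on count($GLOBALS) would only fire if the number of global variables grew, which is a different condition from a deeply nested value in one of them.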
