[Phpmyadmin-devel] false alarm for deep recursion
Sebastian Mendel
lists at sebastianmendel.de
Tue May 1 08:46:53 CEST 2007
Sebastian Mendel schrieb:
> Marc Delisle schrieb:
>> Hi,
>>
>> In this bug:
>> http://sourceforge.net/tracker/index.php?func=detail&aid=1709463&group_id=23067&atid=377408
>>
>> there are many fields involved and we get a false alarm "possible deep
>> recursion attack". Do we really need to protect from 1000 recursions
>> overall? I think that protecting from 1000 recursions for each
>> superglobal would be correct.
>
> as it should do currently with
>
> core.lib.php#474:
>
> $recursive_counter--;
sorry, i really have currently very short time, thats why i do not have
taken o look nto it, but keep in mind - it should count only into the deep:
as this will not count:
$array[a0001] = ...
$array[a0002] = ...
$array[a0003] = ...
...
$array[a1000] = ...
but only this:
$array[][][][][][][][]...[]
so it confuses me that this limit of 1000 is reached, even for a big table ...
More information about the Developers
mailing list