|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2016-11-18 20:53 UTC] kalle@php.net
-Status: Open
+Status: Wont fix
[2016-11-18 20:53 UTC] kalle@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Nov 04 20:00:01 2025 UTC |
Description: ------------ Hi there. Our policy prevents us from using CVS level code *grumble* however, I believe I have come up with what might be an acceptable mitigation method for cache slam defense (ie: bug16814) I'm aware of some of the pro's and cons with this method, but it seems to provide expected results. cache slam defense - have issues writing and overwriting. non cache slam defense - huge issue that can lead to explosion of apache alternate defense - can still have explosion of apache, but hopefully not as extreme due to one write point... If it's not convenient to do in module, or possible, well that's ok, but I thought I'd suggest it anyway. Reproduce code: --------------- function cache_store($entry, $value, $ttl = null) { $GLOBALS['please_cache_me'][$entry] = array( 'value' => $value, 'ttl' => $ttl ); } function cache_fetch($entry) { if (array_key_exists($entry, $GLOBALS['please_cache_me'])) return $GLOBALS['please_cache_me'][$entry]['value']; return apc_fetch($entry); } function cache_shutdown() { foreach ($GLOBALS['please_cache_me'] as $entry => $data) { apc_store($entry, $data['value'], $data['ttl']); } } register_shutdown_function('cache_shutdown'); cache_store('entry', 'value'); cache_store('entry', 'doh'); echo cache_fetch('entry'); Expected result: ---------------- doh Actual result: -------------- doh