php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60707 max_input_vars allows one extra var
Submitted: 2012-01-11 05:15 UTC Modified: -
Votes:4
Avg. Score:2.8 ± 1.5
Reproduced:3 of 3 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: vrana@php.net Assigned:
Status: Open Package: Variables related
PHP Version: 5.3.9 OS: Irrelevant
Private report: No CVE-ID: None
 [2012-01-11 05:15 UTC] vrana@php.net
Description:
------------
Setting max_input_vars to N allows N+1 variables.

Test script:
---------------
<form action="" method="post">
<?php
$max_input_vars = ini_get('max_input_vars');
for ($i=0; $i < $max_input_vars + 2; $i++) {
	echo "<input type='hidden' name='a$i' value='$i'>\n";
}
var_dump($max_input_vars);
var_dump(count($_POST));
?>
<input type="submit">
</form>


Expected result:
----------------
string(4) "1000"
int(1000)


Actual result:
--------------
string(4) "1000"
int(1001)


Patches

fix_bug_60707 (last revision 2014-11-05 22:48 UTC by thuejk at gmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-01-11 12:36 UTC] laruence@php.net
max_input_vars is used to protected from ddos attack, IMO it's not a big deal :)
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Oct 11 21:01:27 2024 UTC