PHP :: Bug #60707 :: max_input_vars allows one extra var

Bug #60707

max_input_vars allows one extra var

Submitted:

2012-01-11 05:15 UTC

Modified:

Votes:	4
Avg. Score:	2.8 ± 1.5
Reproduced:	3 of 3 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

vrana@php.net

Assigned:

Status:

Open

Package:

Variables related

PHP Version:

5.3.9

OS:

Irrelevant

Private report:

CVE-ID:

None

View Developer Edit

[2012-01-11 05:15 UTC] vrana@php.net

Description:
------------
Setting max_input_vars to N allows N+1 variables.

Test script:
---------------
<form action="" method="post">
<?php
$max_input_vars = ini_get('max_input_vars');
for ($i=0; $i < $max_input_vars + 2; $i++) {
	echo "<input type='hidden' name='a$i' value='$i'>\n";
}
var_dump($max_input_vars);
var_dump(count($_POST));
?>
<input type="submit">
</form>


Expected result:
----------------
string(4) "1000"
int(1000)


Actual result:
--------------
string(4) "1000"
int(1001)

Patches

fix_bug_60707 (last revision 2014-11-05 22:48 UTC by thuejk at gmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2012-01-11 12:36 UTC] laruence@php.net

max_input_vars is used to protected from ddos attack, IMO it's not a big deal :)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Dec 03 17:01:29 2024 UTC