php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #60728 max_input_vars doesn't limiting multi-dimensional arrays
Submitted: 2012-01-12 14:14 UTC Modified: 2012-01-21 23:09 UTC
From: sv3tli0 at bgspot dot eu Assigned: frozenfire (profile)
Status: Closed Package: Variables related
PHP Version: 5.3.9 OS: Any
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: sv3tli0 at bgspot dot eu
New email:
PHP Version: OS:

 

 [2012-01-12 14:14 UTC] sv3tli0 at bgspot dot eu 
Description:
------------
The max_input_vars doesn't limiting multi-dimensional arrays!
If user post var[] the uploaded array wont be limitted.


Test script:
---------------
<form action="" method="post">
<?php
$max_input_vars = ini_get('max_input_vars');
for ($i=0; $i < $max_input_vars + 5; $i++) {
	echo "<input type='hidden' name='a[]' value='$i'>\n";
}
var_dump($max_input_vars);
var_dump(count($_POST));
?>
<input type="submit">
</form>

Expected result:
----------------
string(4) "1000"
int(1000)

Actual result:
--------------
string(4) "1000"
int(1005)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-01-12 14:16 UTC] sv3tli0 at bgspot dot eu 
I have one miss at the test code! 
var_dump(count($_POST));
must be :
var_dump(count($_POST[a]));
 [2012-01-12 17:34 UTC] rasmus@php.net 
The limit is per-nesting level actually because it is protecting against a hash-
collision DoS attack and only elements at the same nesting level can collide. So 
the code is fine, the documentation needs to be clearer.
 [2012-01-12 17:34 UTC] rasmus@php.net
-Type: Security +Type: Documentation Problem
 [2012-01-21 23:09 UTC] frozenfire@php.net 
Automatic comment from SVN on behalf of frozenfire
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=322553
Log: Rewrote max_input_vars directive description for clarity, and indicated that this limit applies only to each nesting level of a multidimensional input array. Closes bug #60728.
 [2012-01-21 23:09 UTC] frozenfire@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-01-21 23:09 UTC] frozenfire@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: frozenfire
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Jul 12 09:01:33 2025 UTC