Patch fix_bug_60707 for Variables related Bug #60707
Patch version 2014-11-05 22:48 UTC
Return to Bug #60707 |
Download this patch
Patch Revisions:
Developer: thuejk@gmail.com
--- ../php-5.6.2_orig/main/php_variables.c 2014-10-15 14:59:32.000000000 +0200
+++ main/php_variables.c 2014-11-05 23:40:16.782871839 +0100
@@ -239,7 +239,7 @@
uint64_t cnt;
} post_var_data_t;
-static zend_bool add_post_var(zval *arr, post_var_data_t *var, zend_bool eof TSRMLS_DC)
+static int add_post_var(zval *arr, post_var_data_t *var, zend_bool eof TSRMLS_DC, uint64_t max_vars, zend_bool *max_vars_exceeded)
{
char *ksep, *vsep, *val;
size_t klen, vlen;
@@ -259,6 +259,15 @@
}
}
+ if (var->cnt >= max_vars) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING,
+ "Input variables exceeded %" PRIu64 ". "
+ "To increase the limit change max_input_vars in php.ini.",
+ max_vars);
+ *max_vars_exceeded = 1;
+ return 0;
+ }
+
ksep = memchr(var->ptr, '=', vsep - var->ptr);
if (ksep) {
*ksep = '\0';
@@ -291,17 +300,15 @@
static inline int add_post_vars(zval *arr, post_var_data_t *vars, zend_bool eof TSRMLS_DC)
{
uint64_t max_vars = PG(max_input_vars);
+ zend_bool max_vars_exceeded = 0;
vars->ptr = vars->str.c;
vars->end = vars->str.c + vars->str.len;
- while (add_post_var(arr, vars, eof TSRMLS_CC)) {
- if (++vars->cnt > max_vars) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING,
- "Input variables exceeded %" PRIu64 ". "
- "To increase the limit change max_input_vars in php.ini.",
- max_vars);
- return FAILURE;
- }
+ while (add_post_var(arr, vars, eof TSRMLS_CC, max_vars, &max_vars_exceeded)) {
+ vars->cnt++;
+ }
+ if (max_vars_exceeded) {
+ return FAILURE;
}
if (!eof) {
|
Copyright © 2001-2024 The PHP Group