[PHP-BUG] Bug #61000 [NEW]: Exceeding max nesting level doesn't delete numerical vars

Tue, 07 Feb 2012 01:46:13 -0800 

From:             cataphract
Operating system: Irrelevant
PHP version:      trunk-SVN-2012-02-07 (snap)
Package:          Scripting Engine problem
Bug Type:         Bug
Bug description:Exceeding max nesting level doesn't delete numerical vars

Description:
------------
Exceeding the max nesting level doesn't delete numerical vars, while it
deletes the non-numerical ones. php_register_variable_ex inappropriately
uses zend_hash_del.

(Found out by Stefan Esser, who points this can be used, together with
max_input_vars, to determine whether PHP is a 32-bit or 64-bit process)

Test script:
---------------
With max nesting level=2:

http://nebm.ist.utl.pt/phpinfo?1[a][]=foo&1[a][b][c]=bar



Expected result:
----------------
_GET is empty

Actual result:
--------------
_GET["1"] =
Array
(
    [a] => Array
        (
            [0] => foo
        )

)

-- 
Edit bug report at https://bugs.php.net/bug.php?id=61000&edit=1
-- 
Try a snapshot (PHP 5.4):            
https://bugs.php.net/fix.php?id=61000&r=trysnapshot54
Try a snapshot (PHP 5.3):            
https://bugs.php.net/fix.php?id=61000&r=trysnapshot53
Try a snapshot (trunk):              
https://bugs.php.net/fix.php?id=61000&r=trysnapshottrunk
Fixed in SVN:                        
https://bugs.php.net/fix.php?id=61000&r=fixed
Fixed in SVN and need be documented: 
https://bugs.php.net/fix.php?id=61000&r=needdocs
Fixed in release:                    
https://bugs.php.net/fix.php?id=61000&r=alreadyfixed
Need backtrace:                      
https://bugs.php.net/fix.php?id=61000&r=needtrace
Need Reproduce Script:               
https://bugs.php.net/fix.php?id=61000&r=needscript
Try newer version:                   
https://bugs.php.net/fix.php?id=61000&r=oldversion
Not developer issue:                 
https://bugs.php.net/fix.php?id=61000&r=support
Expected behavior:                   
https://bugs.php.net/fix.php?id=61000&r=notwrong
Not enough info:                     
https://bugs.php.net/fix.php?id=61000&r=notenoughinfo
Submitted twice:                     
https://bugs.php.net/fix.php?id=61000&r=submittedtwice
register_globals:                    
https://bugs.php.net/fix.php?id=61000&r=globals
PHP 4 support discontinued:          
https://bugs.php.net/fix.php?id=61000&r=php4
Daylight Savings:                    https://bugs.php.net/fix.php?id=61000&r=dst
IIS Stability:                       
https://bugs.php.net/fix.php?id=61000&r=isapi
Install GNU Sed:                     
https://bugs.php.net/fix.php?id=61000&r=gnused
Floating point limitations:          
https://bugs.php.net/fix.php?id=61000&r=float
No Zend Extensions:                  
https://bugs.php.net/fix.php?id=61000&r=nozend
MySQL Configuration Error:           
https://bugs.php.net/fix.php?id=61000&r=mysqlcfg

Reply via email to