Newsgroups: php.internals
From: paul@rusko.us ("Paul G")
Date: Wed, 2 Jun 2004 09:47:46 -0400
Subject: Re: [PHP-DEV] virtual(), an easy way to put Apache server in spirals down.

do you have a maximum mem restriction in your php.ini?

paul

----- Original Message -----
From: "NTPT"
Sent: Wednesday, June 02, 2004 9:48 AM
Subject: [PHP-DEV] virtual(), an easy way to put Apache server in spirals down.

Hi. I think following things may be a security risk in mod_php, maybe allowing a DoS attack if your server users can use php engine for your www pages.
If you make a file foo.php that contains the function virtual(), pointing to itself, i.e. virtual(foo.php), at least in PHP 4.3.2 an infinite loop occurs that eats up all the memory and swap, eats all the resources, and the script is terminated with:

"failed to open stream: Limit of open files reached "

and

Fatal error: Allowed memory size of 67108864 bytes exhausted at (null):0 (tried to allocate 4260 bytes) in Unknown on line 0

I suggest to add a check for maximum recursion level in virtual() if possible and an appropriate directive into the php.ini file that can set this recursion level.

Regards, NTPT

PS: please excuse my bad English
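
An added example, not part of the original thread or of PHP itself: a static check a hosting administrator could run over user scripts to flag virtual() calls that lead back to the calling file, directly (the foo.php case above) or through other files. It goes beyond the single-file case in the message by following chains. The function names, the sample files and the assumption that literal virtual() targets map one-to-one onto paths under the document root are constructed for illustration; calls with variable arguments are not resolved.

```python
import posixpath
import re

# Literal targets only: virtual("x.php"), virtual('x.php') or bare virtual(x.php).
# A call such as virtual($page) is skipped because the target is not known statically.
VIRTUAL_CALL = re.compile(r"""\bvirtual\s*\(\s*['"]?([^'"\s()$]+)['"]?\s*\)""", re.IGNORECASE)

def virtual_targets(path, source):
    """Docroot-relative paths that the script at `path` requests via virtual()."""
    targets = set()
    for uri in VIRTUAL_CALL.findall(source):
        uri = uri.split("?", 1)[0]                      # drop any query string
        if uri.startswith("/"):
            resolved = uri.lstrip("/")                  # absolute URI: relative to docroot
        else:
            resolved = posixpath.join(posixpath.dirname(path), uri)
        targets.add(posixpath.normpath(resolved))
    return targets

def find_virtual_cycles(files):
    """files maps docroot-relative path -> PHP source. Returns each cycle as a path list."""
    graph = {p: {t for t in virtual_targets(p, src) if t in files}
             for p, src in files.items()}
    cycles, done = [], set()

    def visit(node, stack):
        if node in stack:                               # back edge: sub-request loop
            cycles.append(stack[stack.index(node):] + [node])
            return
        if node in done:
            return
        stack.append(node)
        for nxt in sorted(graph[node]):
            visit(nxt, stack)
        stack.pop()
        done.add(node)

    for p in sorted(graph):
        visit(p, [])
    return cycles

# Constructed sample tree (not real user content).
SAMPLE = {
    "foo.php": "<?php virtual(foo.php); ?>",
    "a/index.php": '<?php virtual("menu.php"); ?>',
    "a/menu.php": "<?php virtual('/a/index.php?x=1'); ?>",
    "a/footer.php": '<?php echo "footer"; ?>',
    "ok.php": '<?php virtual("/a/footer.php"); virtual($page); ?>',
}

if __name__ == "__main__":
    for cycle in find_virtual_cycles(SAMPLE):
        print(" -> ".join(cycle))
```

A clean result does not rule out loops built from variable targets or server-side rewrites, so a memory limit in php.ini, as asked about in the reply, still matters.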