Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:57306
Return-Path: <laruence@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 68682 invoked from network); 9 Jan 2012 17:12:58 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 9 Jan 2012 17:12:58 -0000
Authentication-Results: pb1.pair.com smtp.mail=laruence@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=laruence@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.212.42 as permitted sender)
X-PHP-List-Original-Sender: laruence@gmail.com
X-Host-Fingerprint: 209.85.212.42 mail-vw0-f42.google.com  
Received: from [209.85.212.42] ([209.85.212.42:55227] helo=mail-vw0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 81/05-46289-9102B0F4 for <internals@lists.php.net>; Mon, 09 Jan 2012 12:12:58 -0500
Received: by vbbfd1 with SMTP id fd1so2945528vbb.29
        for <internals@lists.php.net>; Mon, 09 Jan 2012 09:12:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=references:from:in-reply-to:mime-version:date:message-id:subject:to
         :cc:content-type:content-transfer-encoding;
        bh=xz+LQC8R8Kh55xkswtVwrtdDC+YXKhDqV6UEkqRJkNs=;
        b=B5kgBDAgDY9YbOr0AehgzJYifeEPgqveb0piHMagtyLjj1Vglfg4btpYaUZJJulTtJ
         FEsR1rkFki3hRavqw/cd4BhROy7FZkZUtrtnsy7gf7SUDiKy2upH4jtj0Yv1Nh/w89SF
         QKBXVxk7RdkNRflavK0vRSRDkcgMBt8J/GRkY=
Received: by 10.52.33.68 with SMTP id p4mr7948393vdi.52.1326129174891; Mon, 09
 Jan 2012 09:12:54 -0800 (PST)
References: <CAEZPtU44aag3z-oGAx+mF1dvr9qF0ZLpdW3pHFWEe0uwbchMBQ@mail.gmail.com>
 <6268389813742875794@unknownmsgid> <BB121D7B-95AC-4DBB-9D39-5337138AFC77@nopiracy.de>
 <6614496271356606712@unknownmsgid> <227C8642-C0E3-477E-BE45-D5CA5BDF16DE@nopiracy.de>
In-Reply-To: <227C8642-C0E3-477E-BE45-D5CA5BDF16DE@nopiracy.de>
Mime-Version: 1.0 (1.0)
Date: Tue, 10 Jan 2012 01:12:49 +0800
Message-ID: <7299985749097766369@unknownmsgid>
To: Stefan Esser <stefan@nopiracy.de>
Cc: Pierre Joye <pierre.php@gmail.com>, PHP internals <internals@lists.php.net>, 
	=?UTF-8?Q?Johannes_Schl=C3=BCter?= <johannes@schlueters.de>, 
	Laruence <laruence@php.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] Re: 5.3.9, Hash DoS, release
From: laruence@gmail.com (Xinchen Hui)

Sent from my iPhone

=E5=9C=A8 2012-1-10=EF=BC=8C1:07=EF=BC=8CStefan Esser <stefan@nopiracy.de> =
=E5=86=99=E9=81=93=EF=BC=9A

> Hello,
>
>>   I am not sure whether you have understood my point.
> I understood your point: you want to break HashTables because 1024 collid=
ing entries could have an performance impact. This could break thousands of=
 scripts.
>
> for ($i=3D0; $i<2000; $i++) $arr[$i<<16] =3D 1;
>
> would stop working, while it should not.
Sure, but why do you want to do this? Kill your own pc?

 So I can not agree with you on "*thousands* scripts".

And if 1024 is not enough, then 2048, 4096 at most.

Thanks
>
> Regards,
> Stefan Esser