On Mon, Jan 9, 2012 at 5:36 PM, Xinchen Hui <[email protected]> wrote: > Hi: > I have a new idea, which is simple and also works for Jason/serialized etc. > > That is Restricting a max length of a buckets list in a hash table. > > If a bucket's length exceed 1024, any insertion into this bucket > will return failure and a warning will be generated. > > What do you think?
That seems like a very good approach (until we have randomization). It would fix the issue in a generic way so not all functions need to be patched one by one. It also will not hurt legit uses of many POST variables (or large serialized arrays). -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
