On Wed, Oct 22, 2014 at 9:18 PM, Daniel Zulla <daniel.zu...@gmail.com> wrote:
> What happens if you exceed uint32?
>
> Just curious, security-wise, because AFAIR exceeding uint32 would be
> possible through superglobals only, which a potential attacker could abuse.
>
> param=foo
>
> param[a]=foo&param[b]=foo&param[c]=foo&param[…]=foo (reaching uint32+1)
>

Creating an array that overflows uint32_t size requires at least 128 GB of memory (the way you wrote it more like ~500GB of memory). It's just not a realistic scenario.

If you happen to have that much memory available and overflow the size, PHP will probably crash. We don't currently check overflows for this (at least not correctly).

Nikita