On 30/04/2015 02:24, Yasuo Ohgaki wrote:
"Type hints" have never been hints. The wording is a misnomer. Try to
pass an int to a parameter declared as array, for instance.
I understand how it worked and how it will.
"hint" sounds a little misleading. Since we named it already, we may follow
the semantics.
Or, since we chose the semantics already, we may consider better names
(see on-going discussion on PHP-DOC list, for example).
A fatal error wouldn't constitute a DoS vulnerability, would it?
Attacker may inject huge ID value and/or they may simply access
web sites to reach 2 billion limit, for example.
That's not a DoS vector unless you've also done something else wrong,
it's just an embarassing error like many others. A lot of the time, the
DB will overflow first anyway, because an SQL "int" is signed 32-bit.
Hell, YouTube had a 32-bit int for number of views until Gangnam Style
overflowed it!
Sure, if a user can somehow insert custom data into a BigInt DB column,
via a 32-bit webserver, without causing the error on the way in, but in
such a way that other users would end up retrieving that record when
they tried to access the site, and it was then run through a function
with an "int" type annotation you'd have a Denial of Service. That's
hardly "PHP 7 broke my website", though.
Regards,
--
Rowan Collins
[IMSoP]
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
