File: 030_CVE-2007-1325.patch

package info (click to toggle)
phpmyadmin 4%3A2.9.1.1-13
  • links: PTS
  • area: main
  • in suites: etch
  • size: 13,324 kB
  • ctags: 119,177
  • sloc: php: 148,860; sh: 645; sql: 224; perl: 142
file content (22 lines) | stat: -rw-r--r-- 648 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
--- 2.9.1.1.orig/libraries/common.lib.php.orig	2007-08-10 14:23:28.000000000 +0200
+++ 2.9.1.1/libraries/common.lib.php	2007-08-10 14:27:18.000000000 +0200
@@ -510,6 +510,11 @@
  */
 function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
 {
+    static $recursive_counter = 0;
+    if (++$recursive_counter > 1000) {
+        die('possible deep recursion attack');
+    }
+
     foreach ($array as $key => $value) {
         if (is_array($value)) {
             PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also);
@@ -525,6 +530,7 @@
             }
         }
     }
+    $recursive_counter--;
 }
 
 /**