A horrible PHP denial of service vulnerability fixed in 5.3.5 and 5.2.17

Please make sure you upgrade PHP to the latest version as soon as possible: older versions have a major security flaw which exposes websites to the following DoS attack.

All it takes is getting a PHP interpreter (older than 5.3.5 or 5.2.17) to cast the string "2.2250738585072011e-308" to a numeric type. So if you have a form that accepts numbers which are then cast from strings into numeric values on the server side, you are probably affected.

Example of this DOS vulnerability

If you have the following form processing script on your site:

<?php
if( $_GET['n'] > 0 ){
    echo "ok";
}else{
    echo "not ok";
}
?>

All you have to do is run the script in the browser with:

script.php?n=2.2250738585072011e-308 

This makes the script hang forever, using 100% of the processing capacity of one core. Run a few dozen of those and your server will become inaccessible due to high load average.

Affected systems

From php.net: "The problem is known to only affect x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit."

My Windows Vista based PHP 5.3 on my laptop is affected, as well as my development Debian with PHP 5.3.3. My Mac OSX 5.2 version is not affected. Fortunately all our production servers are pure 64-bit... but oh man... that was close!
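
Where an upgrade cannot happen immediately, requests carrying the problematic literal can be rejected before any script casts them. The filter below is an added example, not code from the original post or from the PHP project; the function names, the constant and the 400 response are hypothetical choices, and matching the digits regardless of decimal-point position is an assumption that goes beyond the single string shown above.

```php
<?php
// Added example: stopgap request filter for PHP older than 5.2.17 / 5.3.5.
// It uses string functions only, so the filter itself never performs the
// string-to-number conversion that hangs the interpreter.

// Digits of 2.2250738585072011e-308 with the decimal point removed.
define('DOS_DIGITS', '22250738585072011');

// True when the version string predates the fixed releases named in the post.
// Distribution packages with a backported fix will still report true.
function is_unfixed_version($version)
{
    if (version_compare($version, '5.3.0', '>=')) {
        return version_compare($version, '5.3.5', '<');
    }
    return version_compare($version, '5.2.17', '<');
}

// Recursively scan request values (including nested arrays such as n[]=...).
function contains_dos_literal($data)
{
    if (is_array($data)) {
        foreach ($data as $value) {
            if (contains_dos_literal($value)) {
                return true;
            }
        }
        return false;
    }
    if (!is_string($data)) {
        return false;
    }
    // Dropping dots makes 22.250738585072011e-309 and
    // 0.22250738585072011e-307 match the same needle (assumption: a shifted
    // decimal point is treated as equally suspect).
    return strpos(str_replace('.', '', $data), DOS_DIGITS) !== false;
}

if (is_unfixed_version(PHP_VERSION)
    && (contains_dos_literal($_GET)
        || contains_dos_literal($_POST)
        || contains_dos_literal($_COOKIE))) {
    header('HTTP/1.1 400 Bad Request');
    exit('Bad request');
}
```

The filter has to run before any code that touches request parameters, for example by loading it through the `auto_prepend_file` setting in php.ini. It is a stopgap only; upgrading remains the fix.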

Stay safe!

Comments

Well, my post was actually about a different issue but it's not a big deal :-)

You can check if the variable is in the GET array using isset() so you would not get the notice anymore.

if( isset($_GET['work']) && $_GET['work'] == 'calsched' ){
    // ....
}

In this case the second part of the if condition won't execute, as isset() will return false if the index is missing.

Art

2011-03-05 03:25
admin

I have some problem in php5.3.5. When I use Get($_GET[]), it shows the warning "Notice: Undefined index: work in C:\xampp\htdocs\Education\afterlogin.php on line 136"

Line 136 in my page :
if($_GET['work'] == 'calsched'){}

Is there any solution?
Thanks.

2011-02-22 23:20
Aroku

Definitely one of the funnier bugs. Glad to see the language was patched so quickly. BTW, I dig your blog as well. Some interesting posts on here (including the glassfish one; it's my preferred java container).

2011-01-11 19:45

About the author

Artur Ejsmont

Hi, my name is Artur Ejsmont,
welcome to my blog.

I am a passionate software engineer living in Sydney and working for Yahoo! Drop me a line or leave a comment.

Enjoy!