Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: Re^2: hash collision DOS (CGI.pm protection)

by Jenda (Abbot)
on Jun 03, 2003 at 10:36 UTC ( #262618=note: print w/ replies, xml ) Need Help??


in reply to Re^2: hash collision DOS (CGI.pm protection)
in thread hash collision DOS

PodMaster is right. ->delete() comes too late. And even the $CGI::POST_MAX doesn't help much.

Imagine you have a file upload script. There you need to keep the $CGI::POST_MAX rather high so they may be able to post quite a few CGI parameters. And then even the creation of the hash that CGI.pm uses to store data may take a lot of time. And the grep and delete would only make the issue worse.

Jenda
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
   -- Rick Osborne

Edit by castaway: Closed small tag in signature


Comment on Re: Re^2: hash collision DOS (CGI.pm protection)
Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://262618]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (7)
As of 2015-07-05 15:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (67 votes), past polls