Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re: Re^2: hash collision DOS (CGI.pm protection)

by Jenda (Abbot)
on Jun 03, 2003 at 10:36 UTC ( #262618=note: print w/replies, xml ) Need Help??


in reply to Re^2: hash collision DOS (CGI.pm protection)
in thread hash collision DOS

PodMaster is right. ->delete() comes too late. And even the $CGI::POST_MAX doesn't help much.

Imagine you have a file upload script. There you need to keep the $CGI::POST_MAX rather high so they may be able to post quite a few CGI parameters. And then even the creation of the hash that CGI.pm uses to store data may take a lot of time. And the grep and delete would only make the issue worse.

Jenda
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
   -- Rick Osborne

Edit by castaway: Closed small tag in signature

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://262618]
help
Chatterbox?
[atcroft]: stevieb: Also, one other odd question... is it possible to set it up so that all the versions installed can use a single directory that they pull module sources into, rather than duplicating files? (Am I making sense, or do I have too high a CBC
[atcroft]: (caffeine-blood content) atm?)
[atcroft]: .oO(Interesting... I just went to http://blogs.perl. org/, did a search for "Mars", and tried to go to the second page of results, and received instead a "Request-URI Too Large" message.... odd.)

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (5)
As of 2017-04-29 05:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I'm a fool:











    Results (531 votes). Check out past polls.