|
possible dos attack with wordpress + php float issues with non cached sites
their is a float issue with php and it could be used for a denial of service attack, by simply visiting the url with many connections, like using apache benchmark tool. I submitted the bug to the wordpress trac.
just a warning/heads up. http://core.trac.wordpress.org/ticket/16097 |
Thanks fris.
|
Nice to know you even doing debugging now.
|
hopefully this will be fixed soon
|
I only cared about the PHP bug part
so i kept reading to find out where the problem is and apparently its an unfixable, design flaw in Intel architecture. i dont think wordpress will be able to fix it. cause no matter what you do even if you attempt to sanitize the number via php, its gonna to hit the bug. This doesnt effect all machines/setups, its a hardware thing |
I can't wait to upgrade AGAIN!
|
So this magic number is going to hang ANY php script which is expecting a number as an input variable?!? We're fucked then.
Wonder if $blah = round($_GET["variable"]); will also hang? |
php -r "print 2.2250738585072011e-308;"
Tried it on all my servers running various versions of FreeBSD and PHP... 32 bit OS versions consistently hang, 64 bit ones work fine. I bet a bunch of /b/'ers are creaming their pants right now. edit: to answer my earlier question, php -r "echo round(2.2250738585072011e-308);" also hangs. Looks like fixing PHP is the only solution. |
Oh yeah... some of you fuckers are getting some love right now...
Muuaahhhahahahahahahaha! |
| All times are GMT -7. The time now is 06:20 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123