changed message for possible exploit detection

2007-03-02 16:07:47 +00:00
parent 30e9b896b6
commit be92d591b1
1 changed files with 3 additions and 7 deletions
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -2704,14 +2704,10 @@ if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])
 }

 /**
- * protect against deep recursion attack CVE-2006-1549,
- * 1000 seems to be more than enough
- *
- * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
- * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
+ * protect against possible exploits - there is no need to have so much vars
 */
-if (count($GLOBALS) > 1000) {
-    die('possible deep recurse attack');
+if (count($_REQUEST) > 1000) {
+    die('possible exploit');
 }

 /**