
Untitled

a guest
Aug 12th, 2013
ME:

Consider the following:

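<?php
session_start();
print "<pre>"; print_r($_SESSION); print "</pre>";  // show what the previous request left in the session
$x = "YYYYYYYY";
$date = date("%c");
$_SESSION['before'] = $date;   // first half of the session update
$count = 0 + $_GET['count'];   // user-controlled loop bound
for ($i = 0; $i < $count; $i++) {
    $x = $x . "XXXXXXXXXXXXXXXXXXx";   // $x grows on every iteration
    $var[$i] = $x;                     // every copy is kept, so memory use grows quadratically
    if ($i % 10 == 0)
        print "$i " . memory_get_usage() . "\n";
}
$_SESSION['after'] = $date;    // second half; never reached if the memory limit is hit in the loop
?>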

On a webserver call this function with "memory.php?count=1000". On your next reload, "before" and "after" will have the same value, as they should.

Try with "memory.php?count=10000" which can take out most (all?) normal setups. After memory is exhausted, the session is still written to disk, but we were partially through the function. There seems to be no way in the language to prepare any kind of "critical section" where things are either entirely done or not done at all (such as by disabling the session_save_path() to /dev/null and then changing it back at the end).

HIM:

Are you sure it crashes? Or did you get a memory limit (input vars) error?

Can you enable the error log and check what happens? Or simply
display_errors on (and show source if you get a white page) :)

Cheers,

ME:

Running from a command prompt I get something like this:

PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 133957984 bytes) in /home/weberdan/memory.php on line 11

Although I needed to futz around with sessions a bit when using it from the command line.

I also get the same error on the web page with display_errors turned to on.

In some scripts the memory usage is something that the user may be able to control, allowing a malicious user to be able to interrupt the program at a place of her choosing, and then the broken state would be written to disk and available on the next page load.

HIM:

hi!

On Wed, Aug 7, 2013 at 5:52 PM, Dan Weber <weberdan@gmail.com> wrote:
> Running from a command prompt I get something like this:
>
> PHP Fatal error: Allowed memory size of 134217728 bytes exhausted
> (tried to allocate 133957984 bytes) in /home/weberdan/memory.php on line 11
>
> Although I needed to futz around with sessions a bit when using it from the
> command line.
>
> I also get the same error on the web page with display_errors turned to on.
>
> In some scripts the memory usage is something that the user may be able to
> control, allowing a malicious user to be able to interrupt the program at a
> place of her choosing, and then the broken state would be written to disk
> and available on the next page load.

So there is no bug per se here, security related or normal bug.
Increase or disable the memory limit to solve this problem.

Cheers,
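
One way to get the all-or-nothing session update asked about in this thread, as an added example that is not part of the original paste or either correspondent's code. It assumes PHP 5.6 or later (for session_abort()); the `$staged` array and the cap of 1000 are hypothetical choices made for this illustration.

```php
<?php
// Added example: keep a fatal error from persisting a half-updated session.
// Assumptions: PHP >= 5.6 for session_abort(); $staged and the 1000 cap are illustrative.
session_start();

// Shutdown functions run before the session module writes $_SESSION to storage,
// so a request that died on a fatal error can discard its changes here.
// Caveat: if the failure was a small allocation, this callback may itself have
// very little memory to work with, so keep it minimal.
register_shutdown_function(function () {
    $err   = error_get_last();
    $fatal = E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR;
    if ($err !== null && ($err['type'] & $fatal)
            && session_status() === PHP_SESSION_ACTIVE) {
        session_abort();   // end the session without saving this request's changes
    }
});

// 1. Stage the updates in a local array instead of writing $_SESSION piecemeal.
$staged = array();
$staged['before'] = date('c');

// 2. Bound the user-controlled amount of work before doing it.
$count = isset($_GET['count']) ? (int) $_GET['count'] : 0;
$count = max(0, min($count, 1000));

$x   = 'YYYYYYYY';
$var = array();
for ($i = 0; $i < $count; $i++) {
    $x .= 'XXXXXXXXXXXXXXXXXXx';
    $var[$i] = $x;
}

$staged['after'] = date('c');

// 3. Commit in one step. If the script died above, $_SESSION was never touched,
//    so the stored session still holds the previous consistent state.
$_SESSION = array_merge($_SESSION, $staged);
session_write_close();
```

The staged commit is what provides the "critical section"; the shutdown handler is a second layer for code paths that still write to `$_SESSION` directly.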