author | Michal Čihař <michal@cihar.com> | 2016-09-02 14:42:15 +0300 |
---|---|---|
committer | Michal Čihař <michal@cihar.com> | 2016-09-02 14:44:43 +0300 |
commit | 283f5d10ce65e0656f98335bd1f2767fba3be6db (patch) | |
tree | 9c8ec6490144b71a41687ee9eb9d3b4576fbd43e /import.php | |
parent | 0a20356ec4110e682b5bbb219f5f08db10bc418c (diff) |
Fix possible DOS on too big skip value
- loop only as long as we have data to skip
- convert skip parameter to integer
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'import.php')
-rw-r--r-- | import.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/import.php b/import.php index 5afdd869b4..fbb6f09dae 100644 --- a/import.php +++ b/import.php @@ -613,8 +613,8 @@ if ($GLOBALS['PMA_recoding_engine'] != PMA_CHARSET_NONE && isset($charset_of_fil // Something to skip? (because timeout has passed) if (! $error && isset($_POST['skip'])) { - $original_skip = $skip = $_POST['skip']; - while ($skip > 0) { + $original_skip = $skip = intval($_POST['skip']); + while ($skip > 0 && ! $finished) { PMA_importGetNextChunk($skip < $read_limit ? $skip : $read_limit); // Disable read progressivity, otherwise we eat all memory! $read_multiply = 1; |
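Review bot: On the `intval($_POST['skip'])` line, malformed input is coerced silently instead of being rejected: a non-numeric string becomes 0, the loop never runs, and a request that was meant to resume after a timeout would continue without skipping anything. Validating the parameter as a non-negative integer, for example with `filter_var($_POST['skip'], FILTER_VALIDATE_INT)` plus a lower bound of 0, and setting `$error` on failure would make that case explicit. Separately, when the new `! $finished` condition ends the loop while `$skip` is still above 0, the requested offset was larger than the available data; nothing in the visible lines reports that, so a short comment or an error message at that point would document the intended behaviour.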