[development] Possible security issue in Drupal with previous/next thread in forum
Jean-Michel Pouré
jm at poure.com
Wed Aug 26 18:39:59 UTC 2009
Dear Phil,
> Firstly, if it is a security issue this is not the right place to
> report it. You should be using the existing method:
> http://drupal.org/security-team#report-issue
Website down.
> Can you be more exact than "The number of rows seems too large"?
> Either it's right or wrong. If it's wrong, what is the right number?
> And if it's wrong, is the SQL statement wrong, the processing that
> comes next or somewhere else?
I see no need to run an SQL query resulting in 21,000 rows which are
then processed using PHP row by row for the sole purpose of displaying
a block with last and next links.
The query takes time to process. An attacker only needs to connect to
several different forum pages at the same time. It can flood the
database, not PHP.
As I am new to the list, I will stop here. It is not my business to fix
this kind of query (if it is wrong). If I were right, you would probably
have already fixed it.
Kind regards,
Jean-Michel
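To make the concern in the mail concrete, here is an added example; it is mine, not code from the original message or from Drupal's forum module, and the table name, columns and forum id are hypothetical stand-ins for whatever the real query uses. It contrasts the pattern the mail objects to (fetch every thread in a forum, then walk the result in the application to find the neighbours of the current one) with two indexed queries bounded to one row each, which is the shape a previous/next block can use no matter how many threads the forum holds.

```python
import sqlite3

FORUM_ID = 7          # constructed forum id, not a real Drupal value
THREADS = 21000       # the row count mentioned in the mail


def build_db(n_threads=THREADS, forum_id=FORUM_ID):
    """Build an in-memory table of constructed threads.

    The schema is a stand-in, not Drupal's real forum/node tables: one row per
    thread with the forum it belongs to and a sort key (last-post timestamp).
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE thread (tid INTEGER PRIMARY KEY, forum INTEGER, last_post INTEGER)"
    )
    conn.executemany(
        "INSERT INTO thread VALUES (?, ?, ?)",
        ((i, forum_id, 1_000_000 + i * 10) for i in range(1, n_threads + 1)),
    )
    # Composite index so the bounded queries below touch one index range each.
    conn.execute("CREATE INDEX thread_forum_post ON thread (forum, last_post, tid)")
    conn.commit()
    return conn


def prev_next_naive(conn, forum_id, tid):
    """The pattern the mail objects to: pull every thread in the forum, then
    walk the list in the application to find the neighbours of `tid`.

    Returns (prev_tid, next_tid, rows_fetched).
    """
    rows = conn.execute(
        "SELECT tid FROM thread WHERE forum = ? ORDER BY last_post, tid",
        (forum_id,),
    ).fetchall()
    tids = [r[0] for r in rows]
    i = tids.index(tid)
    prev_tid = tids[i - 1] if i > 0 else None
    next_tid = tids[i + 1] if i + 1 < len(tids) else None
    return prev_tid, next_tid, len(rows)


def prev_next_bounded(conn, forum_id, tid):
    """Same answer with at most three rows read, regardless of forum size.

    Ties on last_post are broken by tid so the ordering is total; the
    expanded OR form avoids relying on SQLite row-value comparisons.
    Returns (prev_tid, next_tid, rows_fetched).
    """
    (last_post,) = conn.execute(
        "SELECT last_post FROM thread WHERE tid = ?", (tid,)
    ).fetchone()
    prev_row = conn.execute(
        "SELECT tid FROM thread WHERE forum = ? AND "
        "(last_post < ? OR (last_post = ? AND tid < ?)) "
        "ORDER BY last_post DESC, tid DESC LIMIT 1",
        (forum_id, last_post, last_post, tid),
    ).fetchone()
    next_row = conn.execute(
        "SELECT tid FROM thread WHERE forum = ? AND "
        "(last_post > ? OR (last_post = ? AND tid > ?)) "
        "ORDER BY last_post ASC, tid ASC LIMIT 1",
        (forum_id, last_post, last_post, tid),
    ).fetchone()
    fetched = 1 + (prev_row is not None) + (next_row is not None)
    return (
        prev_row[0] if prev_row else None,
        next_row[0] if next_row else None,
        fetched,
    )


if __name__ == "__main__":
    db = build_db()
    for tid in (1, 500, THREADS):
        print(tid, prev_next_naive(db, FORUM_ID, tid), prev_next_bounded(db, FORUM_ID, tid))
```

Both functions return the same neighbours, but the naive one transfers and iterates the whole forum on every page view, so the per-request cost grows with the number of threads and a handful of concurrent requests multiplies that load on the database; the bounded version reads at most three rows per request whatever the forum size.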