[development] Possible security issue in Drupal with previous/next thread in forum

Jean-Michel Pouré jm at poure.com
Wed Aug 26 18:39:59 UTC 2009


Dear Phil.

> Firstly, if it is a security issue this is not the right place to  
> report it. You should be using the existing method:  
> http://drupal.org/security-team#report-issue

Website down.

> Can you be more exact than "The number of rows seems too large"?
> Either it's right or wrong. If it's wrong, what is the right number?
> And if it's wrong, is the SQL statment wrong, the processing that  
> comes next or somewhere else?

I see no need to run an SQL query resulting in 21.000 rows which are
then processed using PHP row-by-row for the sole interest of displaying
in a bloc with last and next link.

The query takes time to process. An attacker only needs to connect to
several different forum pages at the same time. It can overflod the
database, not PHP.

As I am new on the list, I will stop here. It is not my business to fix
this kind of query (if it is wrong). If I were right, you would probably
have already fixed it.

Kind regards,
Jean-Michel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://lists.drupal.org/pipermail/development/attachments/20090826/279b6c61/attachment.pgp>


More information about the development mailing list