Please sign in to comment.
Add an upper bound to the POST data SecurityComponent will consider.
'Kurita Takashi' has let us know that the previous patterns could be abused by an evil doer. One could potentially send a very large deeply nested POST data structure. Matching that structure could overflow the PCRE limits causing a segmentation fault. Adding an upper bound will solve the problem and I doubt anyone is doing POST data structures with more than 10 levels of nesting.
- Loading branch information...
Showing with 2 additions and 2 deletions.