From 0e5f61656c6b867abb04f16106d0928faa1dece3 Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 27 Oct 2009 16:13:48 +0000
Subject: Introduced a max_file_uploads INI setting, which is set to limit the
 number of file uploads per-request to 100 by default, to prevent possible DOS
 via temporary file exhaustion.

---
 main/main.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'main/main.c')

diff --git a/main/main.c b/main/main.c
index 14c6559cb7..ac5a502a19 100644
--- a/main/main.c
+++ b/main/main.c
@@ -602,6 +602,7 @@ PHP_INI_BEGIN()
 	PHP_INI_ENTRY("mail.force_extra_parameters",NULL,		PHP_INI_SYSTEM|PHP_INI_PERDIR,		OnChangeMailForceExtra)
 	PHP_INI_ENTRY("disable_functions",			"",			PHP_INI_SYSTEM,		NULL)
 	PHP_INI_ENTRY("disable_classes",			"",			PHP_INI_SYSTEM,		NULL)
+	PHP_INI_ENTRY("max_file_uploads",			"100",			PHP_INI_SYSTEM,		NULL)
 
 	STD_PHP_INI_BOOLEAN("allow_url_fopen",		"1",		PHP_INI_ALL,		OnUpdateAllowUrl,	allow_url_fopen_list,	php_core_globals,	core_globals)
 	STD_PHP_INI_BOOLEAN("allow_url_include",	"0",		PHP_INI_ALL,		OnUpdateAllowUrl,	allow_url_include_list,	php_core_globals,	core_globals)
-- 
cgit v1.2.1