Page 1 of 1

[FIXED] search module and component issue. importante pls check

Posted: Wed Nov 28, 2007 12:50 pm
by cosmoarg
hi pals!
I know that this topic should go in security forum, but It's important, and likekly ever joomla dev reads this forums.
There is a problem whit the search component. If you for example write this string "a a a a a a a a  a" will you get a lot of html code and probably your db will crash.
I have fixed with php and js validation. If smb needs helkp pls, ask me and I'll give a hand
Mariano

Re: security! search module and component issue. importante pls check

Posted: Wed Nov 28, 2007 1:12 pm
by dhuelsmann
cosmoarg wrote: hi pals!
I know that this topic should go in security forum, but It's important, and likekly ever joomla dev reads this forums.
There is a problem whit the search component. If you for example write this string "a a a a a a a a  a" will you get a lot of html code and probably your db will crash.
I have fixed with php and js validation. If smb needs helkp pls, ask me and I'll give a hand
Mariano
I confirmed that I get the following in 1.0.12:
Fatal error: Out of memory (allocated 526123008) (tried to allocate 780167260 bytes) in /home/kiwanisw/public_html/components/com_search/search.php on line 178

Re: security! search module and component issue. importante pls check

Posted: Sat Jan 26, 2008 12:13 pm
by Robin
Dev note; this has been fixed in 1.0.14 RC1

Closing report