Bill Clark wrote:
On Thu, 15 Jul 2004 15:50:53 +1000, Tim Starling <ts4294967296(a)hotmail.com> wrote:
This is unacceptable because people want to use templates for things which are included many times in a single page, like superscript "Le" on fr, or fancy bullet points.
How about a MAX_INCLUDE_DEPTH then, instead?
The vulnerability with inclusion was pointed out when we had a hard-coded maximum depth of 1. As I explained in a comment in the source file:
#----------------------------------------
# Variable substitution O(N^2) attack
#-----------------------------------------
# Without countermeasures, it would be possible to attack the parser by saving a page
# filled with a large number of inclusions of large pages. The size of the generated
# page would be proportional to the square of the input size. Hence, we limit the number
# of inclusions of any given page, thus bringing any attack back to O(N).
#
-- Tim Starling
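The quadratic blow-up Tim describes, and why a per-page inclusion count bounds it while a depth limit alone does not, can be seen in a small model of template expansion. The code below is an added illustration written for this thread, not MediaWiki's parser; the `{{Name}}` syntax, the `expand` function and its `max_per_page` / `max_depth` parameters are hypothetical names chosen here, and the "Big" page and the looping "Loop" page are constructed inputs.

```python
import re

# Toy inclusion syntax: {{Name}} pulls in the body of page "Name".
INCLUDE_RE = re.compile(r"\{\{([^{}|]+)\}\}")


def expand(text, pages, max_per_page=None, max_depth=None):
    """Expand {{Name}} inclusions in `text` using the `pages` dict.

    max_per_page: cap on how many times any one page may be included
                  across the whole expansion (the countermeasure in the
                  source comment quoted above).
    max_depth:    cap on nesting depth only (Bill's MAX_INCLUDE_DEPTH idea).

    Inclusions that exceed a cap are left as literal markers and recorded
    in `skipped`, so a reader can see which limit fired.
    """
    counts = {}
    skipped = []

    def expand_at(src, depth):
        def substitute(m):
            name = m.group(1).strip()
            body = pages.get(name)
            if body is None:
                return m.group(0)  # unknown page: leave the marker alone
            if max_depth is not None and depth >= max_depth:
                skipped.append((name, "depth"))
                return m.group(0)
            if max_per_page is not None and counts.get(name, 0) >= max_per_page:
                skipped.append((name, "count"))
                return m.group(0)
            counts[name] = counts.get(name, 0) + 1
            # Expand the included body recursively; re.sub does not rescan
            # the replacement text, so markers left in place stay literal.
            return expand_at(body, depth + 1)

        return INCLUDE_RE.sub(substitute, src)

    return expand_at(text, 0), counts, skipped


def attack_output_size(n, max_per_page=None, max_depth=None):
    """Constructed scenario from the source comment: a page of n bytes
    included n times from a single saved page. Returns the output length."""
    pages = {"Big": "x" * n}
    flooded_page = "{{Big}}" * n
    out, _counts, _skipped = expand(flooded_page, pages, max_per_page, max_depth)
    return len(out)


if __name__ == "__main__":
    n = 100
    print("no limit:        ", attack_output_size(n))                 # n*n
    print("depth limit 1:   ", attack_output_size(n, max_depth=1))    # still n*n
    print("per-page limit 5:", attack_output_size(n, max_per_page=5))  # linear in n
    print(expand("{{Loop}}", {"Loop": "a{{Loop}}"}, max_per_page=3))
```

With no cap, or with only a depth cap, the flat flood of inclusions yields n*n bytes because every inclusion sits at depth 0. With the per-page count cap the output is 5n bytes of expanded content plus n-5 unexpanded 7-byte markers, i.e. linear in the input. The same counter also terminates a self-including page after the allowed number of expansions, which a depth cap handles too, so the count cap covers both failure modes.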