PHP floating point bug - potential DoS threat

Unfortunately when upgrading my php, it caused a number of errors on my main site (non xen), so I had to downgrade it
frown.png
 
supposedly this is a quick and dirty php solution. youre supposed to make it the first bit of code on all php pages.
im not sure how you would manage that with xenforo though.

http://www.aircraft24.com/en/info/php-float-dos-quickfix.htm
Code: 
<?php

// *************************************************************
// QUICK FIX / WORKAROUND FOR PHP FLOATING POINT DOS ATTACK
// provided by AirCraft24.com / www.aircraft24.com
// version 1.7, released 2011-01-07 11:20 GMT+1
// *************************************************************

$phpbug_53632_vars='';
if (isset($_GET))    $phpbug_53632_vars.='|'.serialize($_GET);
if (isset($_POST))   $phpbug_53632_vars.='|'.serialize($_POST);
if (isset($_COOKIE)) $phpbug_53632_vars.='|'.serialize($_COOKIE);

if ($phpbug_53632_vars!='')
{
  if (strpos(str_replace('.','',$phpbug_53632_vars), '22250738585072011')!== FALSE)
  {
    header('Status: 422 Unprocessable Entity');
    die ('Script interrupted due to floating point DoS attack.');
  }
}
unset($phpbug_53632_vars); // cleanup

// *************************************************************
// END QUICK FIX / WORKAROUND FOR PHP FLOATING POINT DOS ATTACK
// *************************************************************

?>
 
Top Bottom