Hi! > I'm not so sure of this now - unless, again, I misunderstand what we're > counting.
It just occurred to me that I possibly do misunderstand what is counted - if the proposal is to count collisions per lookup. I rerun my scripts with that assumption and turns out the longest collision chain I have is about 8. So in this case - if I'm understanding it right now - my argument about limit is wrong and collision chain length *is* like recursion. In which case some limit like 1000 (just random number but can be tested) would probably be OK. The question now is would it be enough to block DoS? I.e. if we construct data to cause 999 collisions each time to stay just under the limit, can we still cause trouble or not? It's still almost 1000 times slower it's supposed to be... P.S. Sorry for the confusion and the noise, I hope I got the proposed solution right this time. -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
