I’m still sick, so you get another easy target today. It’s trivially easy to kill the PHP interpreter, dead, without invoking any extensions or unusual language features:
```php
<?php
function recurse($n)
{
    if ($n <= 0)
        return;
    return recurse($n - 1);
}
recurse(100000); /* You may need to adjust this upwards. */
?>
```
This script dies unceremoniously (on Linux, with a segmentation fault) when the PHP interpreter runs off the end of its own stack. This is the kind of behaviour that gives security researchers nightmares, since segmentation faults and bus errors usually go hand in hand with code injection exploits. It’s also a pain to diagnose: you need to break out gdb, because the PHP interpreter is too dead to explain what went wrong.
Other modern languages either monitor the depth of the stack and abort gracefully when it gets too large (Python, Ruby, Java, C#) or prevent large stacks from scribbling over sensitive parts of the program (Perl, Lisp, Haskell). The FreshBooks dev blog illustrates a few examples.
Predictably, the PHP developers don’t think this is a problem.
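One way to get the graceful abort described above from PHP userland is to count the depth yourself and throw before the stack runs out. This is an added example, not code from the original post; `recurse_guarded`, `run_guarded`, `RecursionLimitExceeded` and the `MAX_DEPTH` budget of 5000 are assumptions made for illustration.

```php
<?php
// Added example (not from the original post): explicit depth accounting
// so runaway recursion ends in a catchable exception, not a segfault.

// Hypothetical exception type for this example.
final class RecursionLimitExceeded extends RuntimeException {}

// Assumed budget; pick a value well below the depth at which your build
// of PHP actually crashes (it depends on frame size and `ulimit -s`).
const MAX_DEPTH = 5000;

function recurse_guarded($n, $depth = 0)
{
    if ($depth > MAX_DEPTH) {
        throw new RecursionLimitExceeded(
            "recursion deeper than " . MAX_DEPTH . " frames"
        );
    }
    if ($n <= 0) {
        return $depth;   // report how deep the recursion went
    }
    return recurse_guarded($n - 1, $depth + 1);
}

// Returns a short status string instead of letting the process die.
function run_guarded($n)
{
    try {
        $depth = recurse_guarded($n);
        return "ok: finished at depth $depth";
    } catch (RecursionLimitExceeded $e) {
        // The interpreter is still alive here, so it can log and carry on.
        error_log("aborted: " . $e->getMessage());
        return "aborted: " . $e->getMessage();
    }
}

echo run_guarded(100), PHP_EOL;      // small input completes normally
echo run_guarded(100000), PHP_EOL;   // the post's input is refused early
```

The guard only protects functions that pass the counter along, so recursion that arrives through callbacks or library code still needs its own limit.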
Unfortunately gdb doesn’t help either, because it just dies in the guts of PHP. Been there, done that, see the dev blog post. :(