Source for file memory_limit.php

Documentation is available at memory_limit.php

  1. <?php
  2. /**
  3. * Test Class for memory_limit setting
  4. *
  5. * @package PhpSecInfo
  6. * @author Paul Reinheimer
  7. * @author Ed Finkler
  8. * @author Mark Wallaert <mark@autumnweave.com>
  9. */
  10.  
  11.  
  12. /**
  13. * require the PhpSecInfo_Test_Core class
  14. */
  15. require_once('PhpSecInfo/Test/Test_Core.php');
  16.  
  17. /**
  18. * The max recommended size for the memory_limit setting, in bytes
  19. *
  20. */
  21. define ('PHPSEC_MEMORY_LIMIT', 8*1024*1024);
  22.  
  23. /**
  24. * Test Class for memory_limit setting
  25. *
  26. * @package PhpSecInfo
  27. */
  28. class PhpSecInfo_Test_Core_Memory_Limit extends PhpSecInfo_Test_Core
  29. {
  30.  
  31.  
  32. /**
  33. * This should be a <b>unique</b>, human-readable identifier for this test
  34. *
  35. * @var string
  36. */
  37. var $test_name = "memory_limit";
  38.  
  39. var $recommended_value = PHPSEC_MEMORY_LIMIT;
  40. function _retrieveCurrentValue() {
  41. $this->current_value = $this->returnBytes(ini_get('memory_limit'));
  42. }
  43.  
  44. /**
  45. * Check to see if the memory_limit setting is enabled.
  46. *
  47. * Test conditions and results:
  48. * OK: memory_limit enabled and set to a value of 8MB or less.
  49. * NOTICE: memory_limit enabled and set to a value greater than 8MB.
  50. * WARNING: memory_limit disabled (compile time option).
  51. *
  52. * @return integer
  53. */
  54. function _execTest() {
  55. if (!$this->current_value) {
  56. return PHPSECINFO_TEST_RESULT_WARN;
  57. } else if ($this->returnBytes($this->current_value) <= PHPSEC_MEMORY_LIMIT) {
  58. return PHPSECINFO_TEST_RESULT_OK;
  59. }
  60. return PHPSECINFO_TEST_RESULT_NOTICE;
  61. }
  62.  
  63. /**
  64. * Set the messages specific to this test
  65. *
  66. * @access public
  67. * @return null
  68. */
  69. function _setMessages() {
  70. parent::_setMessages();
  71. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'memory_limit is enabled, and appears to be set
  72. to a realistic value.');
  73. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTICE, 'en', 'memory_limit is set to a very high value. Are
  74. you sure your apps require this much memory? If not, lower the limit, as certain attacks or poor
  75. programming practices can lead to exhaustion of server resources. It is recommended that you set this
  76. to a realistic value (8M for example) from which it can be expanded as required.');
  77. $this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', 'memory_limit does not appear to be enabled. This
  78. leaves the server vulnerable to attacks that attempt to exhaust resources and creates an environment
  79. where poor programming practices can propagate unchecked. This must be enabled at compile time by
  80. including the parameter "--enable-memory-limit" in the configure line. Once enabled "memory_limit" may
  81. be set in php.ini to define the maximum amount of memory a script is allowed to allocate.');
  82. }
  83.  
  84. }

Documentation generated on Mon, 26 Feb 2007 10:50:00 -0500 by phpDocumentor 1.3.0RC3