potential Issue with PHP memory exhaustion…..

  • nerdlogger

    (@nerdlogger)


    8 years, 8 months ago

    Hi We had issues with php memory exhaustion. After enabling debug mode in WP we observed the following:

    [03-Aug-2017 14:10:34 UTC] PHP Notice: Uninitialized string offset: 62 in /var/vhosts/rsj/wp-content/plugins/ultimate-faqs/Shortcodes/DisplayFAQs.php on line 498

    I think the culprit is the rand function parameters……Code looks like:

    function EWD_UFAQ_Rand_Chars($CharLength = 10) {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randstring = '';
    for ($i = 0; $i < $CharLength; $i++) {
        $randstring .= $characters[rand(0, strlen($characters))];
    }
    return $randstring;
}

    But I think it’s supposed to be like:

    function EWD_UFAQ_Rand_Chars($CharLength = 10) {
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randstring = '';
    for ($i = 0; $i < $CharLength; $i++) {
        $randstring .= $characters[rand(0, strlen($characters) - 1)];
    }
    return $randstring;
}

    No? rand(0,62) would create a out of bound error (above) if the random number generated is 62 (since the charater array index is 0-61)….

    I also think there might be issues with spaces in Faq category Names. We had a Name with a space in it and the shortcode for that category refused to work (we have 4 categories…..3 have no spaces and work properly…..1 had spaces and it didn’t work).

Viewing 2 replies - 1 through 2 (of 2 total)
  • etoilewebdesign

    (@etoilewebdesign)

    8 years, 8 months ago

    Hi Nerdlogger,

    Thank you for noticing this. As we are working on Ultimate FAQ errors and notices right now, We will take a look at your proposed solution.
    For category name with space in between. Can you make sure slug of that category doesn’t have space between two words. There should be dash ( – ). The shortcode attribute takes a slug of the category not the name of the category.

    Thank you

    Thread Starter nerdlogger

    (@nerdlogger)

    8 years, 8 months ago

    Hi,

    Thanks for the response….but I think you should fix this asap as you’re creating garbage entries in the DB……you’re literally seeking past the end of the array and grabbing the string terminator character…….Following code illustrates:

    <?php
// PHP code goes here
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
   print("Printing character @ strlen($characters) location\n");
   echo "\n";
   echo $characters[strlen($characters)];
   echo "\n";
   print("Printing character @ (strlen($characters) - 1) location\n");
   echo "\n";
   echo $characters[(strlen($characters) - 1)];
   echo "\n";
?>

    Run this from command line and see……your version of the code (without subtracting 1) goes off the end of the characters array.

    Please see the comments on this page as well (same issues are discussed).

    http://php.net/manual/en/function.rand.php

    Please fix this soon…..this could cause major issues later on.

    Thanks,
    Many Ayromlou

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘potential Issue with PHP memory exhaustion…..’ is closed to new replies.