January 19, 2005

Critical PHP bug slows dynamic applications

by brian_turner

After the recent security concerns with PHP, upgrades from PHP 4.3.9 to PHP 4.3.10 have left some dynamic applications with serious problems with slowed performance.

In a report at the PHP development community, Bug #31332 unserialize() works terribly slow on huge strings compared to 4.3.9, it is pointed out that this error is critical for many php based systems, such as vBulletin and Drupal.

The issue centers around use of the unserialize() function, which when used on serialized multidimensional arrays, can result in a a slowdown in the application of stored data by as much as a factor of 20.

In layman’s terms: if the software you run is like a pub, and the database the software runs from is like the beer cellar, then the barman now has lead boots.

A workaround is already in beta format, and a public release of the patch is expected soon.

Discuss this in the Internet Business forums

Story link: Critical PHP bug slows dynamic applications


Leave a Reply


Previous: «
Next: »

Visited 2136 times, 1 so far today

Posted in: Webmaster