1 files changed, 20 insertions, 4 deletions

diff --git a/main/php_variables.c b/main/php_variables.c
index 4b2640c59..65791d5c8 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -17,7 +17,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: php_variables.c,v 1.104.2.10.2.8 2007/04/17 15:06:50 iliaa Exp $ */
+/* $Id: php_variables.c,v 1.104.2.10.2.11 2007/07/18 11:46:50 tony2001 Exp $ */
 
 #include <stdio.h>
 #include "php.h"
@@ -125,8 +125,24 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
 			int new_idx_len = 0;
 
 			if(++nest_level > PG(max_input_nesting_level)) {
+				HashTable *ht;
 				/* too many levels of nesting */
-				php_error_docref(NULL TSRMLS_CC, E_ERROR, "Input variable nesting level more than allowed %ld (change max_input_nesting_level in php.ini to increase the limit)", PG(max_input_nesting_level));
+
+				if (track_vars_array) {
+					ht = Z_ARRVAL_P(track_vars_array);
+				} else if (PG(register_globals)) {
+					ht = EG(active_symbol_table);
+				}
+
+				zend_hash_del(ht, var, var_len + 1);
+				zval_dtor(val);
+
+				/* do not output the error message to the screen,
+				 this helps us to to avoid "information disclosure" */
+				if (!PG(display_errors)) {
+					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Input variable nesting level exceeded %ld. To increase the limit change max_input_nesting_level in php.ini.", PG(max_input_nesting_level));
+				}
+				return;
 			}
 
 			ip++;
@@ -142,9 +158,9 @@ PHPAPI void php_register_variable_ex(char *var, zval *val, zval *track_vars_arra
 					/* PHP variables cannot contain '[' in their names, so we replace the character with a '_' */
 					*(index_s - 1) = '_';
 
-					index_len = var_len = 0;
+					index_len = 0;
 					if (index) {
-						index_len = var_len = strlen(index);
+						index_len = strlen(index);
 					}
 					goto plain_var;
 					return;