php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #41446 Incorrect PATH_INFO when just '/' is specified
Submitted: 2007-05-20 01:27 UTC Modified: 2007-07-10 01:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: robertn at the-nelsons dot org Assigned: iliaa (profile)
Status: No Feedback Package: CGI/CLI related
PHP Version: 5.2.2 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: robertn at the-nelsons dot org
New email:
PHP Version: OS:

 

 [2007-05-20 01:27 UTC] robertn at the-nelsons dot org
Description:
------------
If the path info contains just a slash then php returns the "No input file specified." error.


Reproduce code:
---------------
1) create a phpinfo.php file with "<?php print phpinfo(); ?>"

2) View the page in the browser to make sure it works.

3) Append a / to the url and view the page again.  A 404 error with the "No input file specified." is returned.

4) Append a /x to the original url and view the page again.  This time it works and PATH_INFO is correctly set to "/x".


Expected result:
----------------
If just a "/" is specified then PATH_INFO should be "/"

Actual result:
--------------
404 No input file specified

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-05-20 02:09 UTC] robertn at the-nelsons dot org
This bug happens because tsrm_realpath() strips any trailing slashes before resolving the realpath.

The fix is to change the code in sapi/cgi/cgi_main.c at line 799.

From:

if (script_path_translated &&
    (real_path = tsrm_realpath(script_path_translated, NULL TSRMLS_CC)) == NULL) {

to:

if (script_path_translated &&
    (script_path_translated[strlen(script_path_translated) - 1] == '/' ||
     script_path_translated[strlen(script_path_translated) - 1] == '\\' ||
      (real_path = tsrm_realpath(script_path_translated, NULL TSRMLS_CC)) == NULL)) {

This isn't the most efficient fix but best illustrates the solution.
 [2007-05-20 16:06 UTC] iliaa@php.net
What web server are you using?
 [2007-05-20 22:46 UTC] robertn at the-nelsons dot org
Apache/2.0.54 (Unix) PHP/4.4.4 mod_ssl/2.0.54 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
 [2007-05-21 16:41 UTC] iliaa@php.net
I've tried to reproduce the problem, but it seems to be working fine as 
is. Can you show me output of $_SERVER from a working path info request?
 [2007-05-22 08:30 UTC] robertn at the-nelsons dot org
I wanted to avoid having the URLs below attached to the bug report so I replied directly to iliaa@php.net with the information below complete with full URLs.

I've created a file called tst.php with the following contents:
<html>
  <body>
    <h1>$_SERVER - <?php print phpversion();?></h1>
    <table>
      <tbody>
        <?php
          foreach ($_SERVER as $name => $value) {
              print "<tr><td>$name</td><td>$value</td></tr>";
          }
        ?>
      </tbody>
    </table>
  </body>
</html>

I then linked it to tst.php5 and tst.php5f.

Files with extension .php5 are set up to be executed by php version 5.2.1 unmodified.  This is the stock version my Hosting provider uses.  I also tested an unmodified 5.2.2 and the problem also occurs.  It is just easier to use the 5.2.1 then build a non working 5.2.2.

Files with extension .php5f are executed by php version 5.2.2 patched as per the bug report.

You can see the different results using the URLs below:

[The URLs were removed.]
 [2007-07-10 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 27 10:01:28 2024 UTC