php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #31764 Apache hangs during file upload when using "MAX_FILE_SIZE"
Submitted: 2005-01-30 12:57 UTC Modified: 2005-02-11 01:00 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: t dot schoebel at hamburg dot de Assigned:
Status: No Feedback Package: HTTP related
PHP Version: 4.3.10 OS: Debian 3.0 Woody
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: t dot schoebel at hamburg dot de
New email:
PHP Version: OS:

 

 [2005-01-30 12:57 UTC] t dot schoebel at hamburg dot de 
Description:
------------
I'm hosting a costumer, who uses an old script written for php 3.x.
If at the same time some visitors uploads an image, apache "crashed".
The load average jumps to 50 > an there is no possible to connect to the server via ssh anymore.
In the error.log i get i.e. the following messages:

[Sat Jan 29 01:35:30 2005] [warn] child process 24784 still did not exit, sending a SIGTERM

Reproduce code:
---------------
<form ENCTYPE="multipart/form-data" name=info method=post ACTION="page.upload.php">
<table>
<tr>
<td>Datei:</td>
<td> <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000"><input name="userfile" type="file" <? echo $styleform3; ?>>
<INPUT TYPE="hidden" NAME="code" value="1"><br>
<INPUT TYPE="hidden" NAME="user" value="<? echo $user;?>"></td>
</tr>


...

if (is_uploaded_file ($userfile)){
$dir = "/var/kunden/webs/web1/tmp/";
  move_uploaded_file($userfile,$dir.$userfile_name) ;
}

Expected result:
----------------
When I upload an image, which is more than 100000 bytes big, cause of the html-code <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000"> it's given, i get an php error, that the script gets no data.
Apache breaks the transfer to php, cause the image is bigger then 100000 bytes.

Actual result:
--------------
If you delete the hmtl-tag <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000"> an add in your script a check, written in php, for the size and may be the type of the file, you won't get an apache "crash".

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-02-03 05:13 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2005-02-11 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2007-09-03 13:37 UTC] wvdm at vodamail dot co dot za 
My php file - It just hangs no error nothing: 

<?php
$prefix="xyz";
$uploadfile = $prefix.basename($_FILES['userfile']['name']);
$valid_ref1="http://www.xxxx.co.za/download/uploadF.php";

echo '<pre>';

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
	echo "File is valid, and was successfully uploaded.\n";  
	echo  POST_FILE_SIZE =(ini_get('post_max_size') +1)."\n";
	print_r($_FILES);
	echo "<script language=\"JavaScript\">\n";
 	echo "top.location.href = \"$valid_ref1\"\n;></script>";
 	exit;
	
	}		
else {
	echo "Possible file upload attack!\n";
        echo "Here is some more debugging info:";
    	print_r($_FILES);
	}


print "</pre>";

?> 
 and the form:

<form enctype="multipart/form-data" action="uploadP.php" method="POST">
    <input type="hidden" name="MAX_FILE_SIZE" value="500000"/>
    <input type="submit" value="Send File" />
</form>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Dec 22 01:01:30 2024 UTC