PHP :: Bug #74252 :: Non-existent STDIN duplicates FD 0 instead of registering it as closed stream

Bug #74252	Non-existent STDIN duplicates FD 0 instead of registering it as closed stream
Submitted:	2017-03-15 14:55 UTC	Modified:	2019-09-17 15:30 UTC
From:	kelunik@php.net	Assigned:	nikic (profile)
Status:	Wont fix	Package:	Streams related
PHP Version:	Irrelevant	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	kelunik@php.net
New email:
PHP Version:		OS:

New Comment:

[2017-03-15 14:55 UTC] kelunik@php.net

Description:
------------
If no STDIN exists, STDIN is still registered as FD 0 instead of a closed stream. This results in scripts without STDIN reading from /dev/urandom, because that's opened and just uses the next free FD.

Instead of duplicating the FD in https://github.com/php/php-src/blob/16ae9f82e82e2aea5d7deaf8f9a9c825a56dfcc1/ext/standard/php_fopen_wrapper.c#L265 it should be registered as closed stream.

See also https://github.com/reactphp/stream/issues/81.

Test script:
---------------
php -r 'var_dump(!!fstat(STDIN));passthru("ls -o /proc/".getmypid()."/fd");' <&-

Expected result:
----------------
STDIN should be a closed stream instead of /dev/urandom

Actual result:
--------------
STDIN is /dev/urandom

Patches

Pull Requests

Pull requests:

Handle closed stdio streams (php-src/4685)

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-03-16 11:55 UTC] kelunik@php.net

In fact, /dev/urandom is opened by some extension. With `./configure --disable-all` PHP segfaults with the same test case.


$ sapi/cli/php -r 'var_dump(!!fstat(STDIN));passthru("ls -o /proc/".getmypid()."/fd");' <&-
bool(false)
insgesamt 0
lr-x------ 1 kelunik 64 Mär 16 12:51 0 -> pipe:[7290202]
lrwx------ 1 kelunik 64 Mär 16 12:51 1 -> /dev/pts/1
lrwx------ 1 kelunik 64 Mär 16 12:51 2 -> /dev/pts/1
Speicherzugriffsfehler (Speicherabzug geschrieben)

[2019-09-05 15:12 UTC] nikic@php.net

-Assigned To: +Assigned To: nikic

[2019-09-06 12:30 UTC] nikic@php.net

The following pull request has been associated:

Patch Name: Handle closed stdio streams
On GitHub:  https://github.com/php/php-src/pull/4685
Patch:      https://github.com/php/php-src/pull/4685.patch

[2019-09-17 15:30 UTC] nikic@php.net

-Status: Assigned +Status: Wont fix

[2019-09-17 15:30 UTC] nikic@php.net

I've tried to address this in https://github.com/php/php-src/pull/4685, but failed because stdin already get hijacked prior to main(). I think the only thing left to say here is that closed stdio streams are ill-defined (UB in C), and you should be piping /dev/null instead.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Dec 27 06:01:29 2024 UTC