php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #74611 php://input is available for multipart/form-data when post_max_size error
Submitted: 2017-05-18 14:32 UTC Modified: 2017-05-22 12:44 UTC
Votes:3
Avg. Score:4.3 ± 0.9
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: aki dot sen dot 1209 at gmail dot com Assigned:
Status: Verified Package: *General Issues
PHP Version: 7.1.5 OS: Windows and LINUX
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: aki dot sen dot 1209 at gmail dot com
New email:
PHP Version: OS:

 

 [2017-05-18 14:32 UTC] aki dot sen dot 1209 at gmail dot com 
Description:
------------
So when we uploaded binary file from html form, PHP usually cannot use 'php://input' right?

We usually use $_FILES, when we uploaded something binary.

But I discovered loophole it.
For example, you should set up '1024' with upload_max_filesize  and '1024' with post_max_size in php.ini.

Next you need to write 'ini_set("memory_limit", -1)'  in source code which you should execute.

So Let's upload something binary file to html form.
Then, You would notice what '$_FILES' and '$_POST' is empty.
But you can extract binary file from 'php://input'.
Let's use 'file_get_contents' for binary , to extract binary file from raw 'php://input'.

You would watch the notice of warning from PHP on display, But You can understand that the program was able to upload the binary file.


Test script:
---------------
<?php ini_set("memory_limit", -1);
    print_r($_FILES);
    print_r($_POST);
    print("<br >");
    ob_start();
    print(file_get_contents("php://input"));
    $get = ob_get_clean();
    file_put_contents("/tmp/".time(), $get);

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-05-18 15:06 UTC] requinix@php.net
-Summary: We use 'php://input', when we uploaded the binary file from html form. +Summary: php://input is available for multipart/form-data when post_max_size error -Status: Open +Status: Verified -Type: Bug +Type: Documentation Problem
 [2017-05-18 15:06 UTC] requinix@php.net 
PHP will read the request body (php://input) for multipart/form-data requests, which means it is not then available to read in userland. However PHP checks the Content-Length header first; if the value exceeds post_max_size then it will not read the body at all, thus making it available via php://input after all.

The docs for php://input
  http://php.net/manual/en/wrappers.php.php#wrappers.php.input
say simply that it is not available for multipart/form-data - I think this interesting edge case is worth mentioning, even if there's not much practical usage for it. However I'd keep it brief there and instead say more in the file uploads area.
  http://php.net/manual/en/features.file-upload.php
 [2017-05-22 12:44 UTC] aki dot sen dot 1209 at gmail dot com 
Sorry, I was late for your replied.
I see, I could understand specification  which 'php://input' has.
But PHP team has the plan which will improve  this specification?
Can also php7 or later access 'php://input' which has 'multipart/form-data'?
If PHP has limit of post_max_size and upload_max_filesizse, PHP can extract binary data from 'php://input'?
I think problem that PHP has specification...
Sorry, I cannot write C languagem. 
Sorry, May be I am saying about besides of point.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 15:01:29 2024 UTC