|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #10229 buffer error in fread
Submitted: 2001-04-07 19:25 UTC Modified: 2001-11-19 05:43 UTC
From: apeeters at lashout dot net Assigned:
Status: Closed Package: Filesystem function related
PHP Version: 4.0.3pl1 4.0.4pl1 4.0.5 4.0.6 OS: linux 2.2.14C11
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: apeeters at lashout dot net
New email:
PHP Version: OS:


 [2001-04-07 19:25 UTC] apeeters at lashout dot net
While running the following code, I got weird results in my mailbox.  It seemed like I got the entire buffer of 100000 bytes mailed, instead of only the length of the result of the url.  And those mails contained php code from another site hosted at the same server.  This worries me, and I think this needs a serious checkup.
The bug is reproducible :)

$fp = fopen("http://someurl/", "r");
$content = fread($fp, 100000);
mail("someone@somehost", "test", $content);

Additional info:
'./configure' '--prefix=/usr' '--with-apxs=/usr/sbin/apxs' '--with-gd' '--with-gettext=/usr' '--enable-safe-mode' '--with-config-file-path=/etc/httpd' '--with-exec-dir=/usr/bin' '--with-zlib' '--enable-magic-quotes' '--with-regex=system' '--with-ttf=/usr/lib/' '--enable-track-vars' '--enable-xml' '--disable-debug' '--with-db3' '--with-interbase=shared' '--with-pgsql=shared' '--with-ldap' '--with-imap'


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2001-04-07 19:46 UTC]
Can't reproduce with CVS version.  Try upgrading to the newest release 4.04pl1 or grab a CVS snapshot from

What URL is it that is doing this? Or is it every URL?

 [2001-04-07 20:17 UTC] apeeters at lashout dot net
I've been testing a bit more and have a clear reproducible codesnippet, it yields the same results in php 4.0.4p1, so I changed the PHP version for this bugreport.

$fp = fopen("", "r");
$content = fread($fp, 100000);

$fp = fopen("", "r");
$content = fread($fp, 100000);

mail("me@host", "topic", $content);

In this mail, I see the sourcecode from followed by the rest of the code from  This does occur in about 1/3 of the mails I try, although I'm unable to see why this isn't always the case.

 [2001-04-07 20:51 UTC]
I ran it through a couple hundred times and absolutely no PHP code whatsoever.

The only problem I see here is $content is never cleaned up properly and contains BOTH of the fread()s jumbled.  Which is very strange.

$fp = fopen("", "r");
while (!feof($fp)) $content .= fread($fp, 4000);

You would be better off using the above as it works properly.

Whomever is handling the fopen-wrappers should probably look at this.

 [2001-04-08 05:04 UTC] apeeters at lashout dot net
I have only seen php code once, and I was't able to reproduce it.  I suppose it was a case where php code was stored in a variable (for online editing or something).  This is only a guess, as it's not my code that I see, but code from someone else on the same server.
 [2001-04-27 15:34 UTC]
I assume this is a dead issue.  If not reopen.

 [2001-07-06 05:09 UTC] apeeters at lashout dot net
This error still exists, not de phpcode part, but the buffering errors, try this several times:

$fp = fopen("", "r");
$content = fread($fp, 100000);

$fp = fopen("", "r");
$content = fread($fp, 100000);

mail("me@host", "topic", $content);

This is an error in the buffer handling routines and should be eliminated.  It seems to occur at _every_ request with php4.0.6 !
 [2001-10-29 02:41 UTC]
Please try latest CVS snapshot from
as I think this should be fixed now.


 [2001-11-19 05:43 UTC]
No feedback. Closing.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Jun 23 05:01:28 2024 UTC