|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #12426 Critical PHP bug while processing big POST data (>10K)
Submitted: 2001-07-27 10:57 UTC Modified: 2001-10-29 02:12 UTC
From: dk at dklab dot ru Assigned:
Status: Closed Package: HTTP related
PHP Version: 4.0.6 OS: RedHat Linux 7.0 2.2.16-22smp
Private report: No CVE-ID: None
 [2001-07-27 10:57 UTC] dk at dklab dot ru
I have configured PHP4 to process POST data less than 8000000 (phpinfo() reports that, see below). When I use the following script and enter a large block of text in the form, PHP4 cuts it off. Please test (with phpinfo() call, form at the bottom of the file) (the file I am inserting - please test it)

Here is the script:

echo @$text;

<form action=test.php method=post>
<textarea cols=60 rows=10 name=text wrap=virtual>
    <?$f=fopen("content.txt","r"); echo fread($f,100000)?>
<input type=submit name=go value="Go!">

I have encountered that use of multipart/form-data forms solves this problem, but usual POST forms does not work correctly. PHP3 also work correct with such forms.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2001-08-02 19:16 UTC] dk at dklab dot ru
Well, some days ago I had tried to patch PHP myself. No result :-( I have found that PHP does not get POST data larger than about 4000 bytes (3996). There is a constant in SAPI.h:


I understand that this constant explains the block size, which is used by PHP to read data from stdin in function:

in SAPI.c.

It is very VERY weird, but when I set SAPI_POST_BLOCK_SIZE to, for example, 10000, POST data is cutted by 4000 bytes again (not 10000, as I expected)! It looks like there is no bug in block-oriented algorythm of POST reading, but then why 4000?..

you think that it is HTTP-related bug? I don't think so: PHP3 works correctly...
 [2001-08-02 19:46 UTC]
Must be something related to that russian module you have loaded in your Apache
 [2001-08-02 21:16 UTC] dk at dklab dot ru
Oh, you are right, Rasmus! Thanks a lot.

I tried to set Russian Apache 1.3.20 (my old version was 1.3.14) and test PHP under it. Big POST transfer works correctly! But then my Apache had died (oh, too many made-by-hand patches, iI think), it is only my problem, I suppose.

But I do not understand, why PHP3 works correctly, but PHP4 does not?..
 [2001-10-29 02:12 UTC]
Propably your patching had gone too far? :)
The HTTP upload is rewritten now in CVS. You could try
the latest CVS snapshot from
And also get fresh sources of Apache too.


PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun May 26 22:01:30 2024 UTC