php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #22321 Execute Bit and XBitHack seems to breaks PHP
Submitted: 2003-02-20 04:17 UTC Modified: 2003-03-12 19:39 UTC
From: osw at ld dot pages dot de Assigned:
Status: Closed Package: Apache2 related
PHP Version: 4.3.0 OS: Linux (SuSE 8.0)
Private report: No CVE-ID: None
 [2003-02-20 04:17 UTC] osw at ld dot pages dot de
Dear PHP-Developers!

I got a very, very strange problem with PHP 4.3.0, Apache 2.0.44  (see typscript #3 below) and XBitHack on.

If I set the eXecute flag on PHP-parsed files (for example file with ending .php) PHP don't work correctly any more:

Simple PHP scripts work perfectly (see typescript #2 below) but more complex  don't work (the PHP code don't get parsed, see typescript #1 below).

In the httpd.conf I set the XBitHack to on. If I turn it off anything works fine. Or if I remove the x bit from the files it works fine too.

So I'm not really sure whether this is an Apache problem or a PHP problem.

Hoping it's a real bug and not just a problem with my installation.

Greetings and many thanks in advance,
Kai Seidler




Small typescript #1:

htdocs # cat test.php
<html>
<body>
<?
        echo "hello world!\n";
?>
</body>
</html>
htdocs # ls -l test.php
-rw-r--r--    1 root     root     60 Feb 20 10:55 test.php
htdocs # lynx -source -dump http://localhost/test.php
<html>
<body>
hello world!
</body>
</html>
htdocs # chmod a+x test.php
htdocs # lynx -source -dump http://localhost/test.php
<html>
<body>
<?
        echo "hello world!\n";
?>
</body>
</html>
htdocs # 



Small typescript #2:

htdocs # cat test2.php
<?
        echo "hello world!\n";
?>
htdocs # ls -l test2.php 
-rw-r--r--    1 root     root     30 Feb 20 11:01 test2.php
htdocs # lynx -source -dump http://localhost/test2.php
hello world!
htdocs # chmod a+x test2.php
htdocs # lynx -source -dump http://localhost/test2.php
hello world!
htdocs # 



Small typescript #3:

htdocs # telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.
xxx
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>501 Method Not Implemented</title>
</head><body>
<h1>Method Not Implemented</h1>
<p>xxx to /index.html not supported.<br />
</p>
<hr />
<address>Apache/2.0.44 (Unix) mod_perl/1.99_08 Perl/v5.8.0 mod_ssl/2.0.44 OpenSSL/0.9.7 PHP/4.3.0 DAV/2 Server at localhost Port 80</address>
</body></html>
Connection closed by foreign host.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-02-21 22:45 UTC] jerenkrantz@php.net
This is not really an XBitHack scenario.  XBitHack is meant for specifying text/html files as PHP files.  This would mean having an .html file parsed as a PHP because the execute bit is set.

FWIW, #3 is not a bug.  That is correct behavior.  I'm not sure what you expect to see for case #3.  xxx is not a method.

However, this should be resolved in the apache2handler SAPI in HEAD of php5.  This new SAPI still needs to be merged back into 4.x.  It may make it into 4.4 or later though.

(The apache2filter SAPI can't handle this case cleanly.)
 [2003-03-12 19:39 UTC] iliaa@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

This bug has been fixed in CVS, however you will need to use apache2handler, which can be enabled with --with-apxs2 in the configure script.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri May 29 18:01:25 2020 UTC