php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #27004 DenialOfService-Risk with wrong Usage
Submitted: 2004-01-22 06:07 UTC Modified: 2004-01-22 10:37 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: kmb at deam dot org Assigned:
Status: Not a bug Package: Apache related
PHP Version: Irrelevant OS: Debian-Linux (Woody), MacOS X.3
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2004-01-22 06:07 UTC] kmb at deam dot org 
Description:
------------
Calling somith within a PHP-Script recursively can result into one of these results:
1. general PHP-error and stop
2. max_execution_time and stop
3. max_input_time and stop
4. memory_limit and stop

If you use the file()-function to call yourself, one of the upper limits will occure, but it won't stop with that.

You can overload the Apache with a lot of reqeusts so that there will be no more response. Your initial request will timeout, but the Apache won't come back if you do not restart it.

The trouble is, that there is currently no way to suppress this behaviour or at least leave some resources open....


Reproduce code:
---------------
$in = file("http://local.dom/myself.php", "r");


Expected result:
----------------
some sort of "filter" to slow down the request of resource-usage.

Actual result:
--------------
It uses up all Apache-processes up to MaxClient-Limit and ends in a total DOS of the Apache.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-22 10:24 UTC] jay@php.net 
There are lots of ways that you can DOS yourself, and 
using file() recursively in a script on itself is one of 
them. It can't really be fixed, though, much like going 
through an infinitely recursive function call or infintely 
forking until memory is exhausted. There are several other 
bug reports dealing with this sort of thing that explain 
things further. (Search for 'recursive', for instance.) 
 
Basically, we need to trust that users aren't going to DOS 
themselves.  
 
J
 [2004-01-22 10:37 UTC] kmb at deam dot org 
ok, there are more things like file() for this and i of course wrote something without a new aspect, but i find this problematic:
"Basically, we need to trust that users aren't going to DOS 
themselves."

its not about DOSing themselves. think of a shared server and the impact for all on the server if one is going to go crazy.

i think you are doing a good job in securing basic strctures with php. like having specific timeouts, safe_mode and other tings.
maybe its possible to go with that a bit further.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri Apr 19 13:01:30 2024 UTC