php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #41120 PHP 5.2.1 -- FastCGI wrapper script echoed back
Submitted: 2007-04-17 14:13 UTC Modified: 2007-05-11 10:41 UTC
From: dsimic99 at gmail dot com Assigned: dmitry (profile)
Status: Not a bug Package: CGI/CLI related
PHP Version: 5.2.1 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: dsimic99 at gmail dot com
New email:
PHP Version: OS:

 

 [2007-04-17 14:13 UTC] dsimic99 at gmail dot com 
Description:
------------
I'm setting up an Apache2 (2.0.59) server with PHP4 (4.4.6) and PHP5 (5.2.1) support, both are compiled as FastCGI's (mod_fastcgi-2.4.2), using Suexec.

Here's an excerpt from httpd.conf (server config context):

FastCgiWrapper /usr/local/apache2/bin/suexec
SuexecUserGroup www www

Action php4-fcgi /php/4
Action php5-fcgi /php/5

AddHandler php4-fcgi .php .php4 .php3
AddHandler php5-fcgi .php5

Alias /php/4 "/htdocs/.fcgi/php4-cgi"
Alias /php/5 "/htdocs/.pcgi/php5-cgi"

<LocationMatch "^/php/[45]/.*$">
    Options ExecCGI
    SetHandler fastcgi-script
    Order Allow,Deny
    Allow from All
</LocationMatch>

<LocationMatch "^/php/[45]/(php[45]-cgi)?$">
    Options None
    Order Allow,Deny
    Deny from All
</LocationMatch>

/htdocs/.fcgi/php4-cgi and /htdocs/.fcgi/php5-cgi are simple shell scripts ("wrappers"), here's php5-cgi (php4-cgi is almost the same):

#!/bin/sh
export PHPRC=/usr/local/php-cgi/etc/php5
export PHP_FCGI_CHILDREN=4
export PHP_FCGI_MAX_REQUESTS=1000
exec /usr/local/php-cgi/bin/php5-cgi

Everything runs great, but when I point my browser to http://server.domain.tld/php/5/random-garbage , I get the wrapper script echoed back in the browser, minus the shebang line.  Pointing the browser to http://server.domain.tld/php/4/random-garbage results in "No input file specified.", what's perfectly Ok.

Why (and how?) is the PHP5 performing like that?

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-04-20 13:12 UTC] dsimic99 at gmail dot com 
I've reviewed the PHP source and made a small "dirty" ;) patch in sapi/cgi/cgi_main.c:

diff -urN php-5.2.1.ORIG/sapi/cgi/cgi_main.c php-5.2.1/sapi/cgi/cgi_main.c
--- php-5.2.1.ORIG/sapi/cgi/cgi_main.c  2007-01-29 20:36:01.000000000 +0100
+++ php-5.2.1/sapi/cgi/cgi_main.c       2007-04-20 14:48:48.000000000 +0200
@@ -1696,7 +1696,9 @@
                        if we are unable to open path_translated and we are not
                        running from shell (so fp == NULL), then fail.
                */
-               if (retval == FAILURE && file_handle.handle.fp == NULL) {
+               if (retval == FAILURE && file_handle.handle.fp == NULL
+                   || strstr(file_handle.filename, "php4-cgi")
+                   || strstr(file_handle.filename, "php5-cgi")) {
                        SG(sapi_headers).http_response_code = 404;
                        PUTS("No input file specified.\n");
 #if PHP_FASTCGI
 [2007-05-11 08:16 UTC] dmitry@php.net 
The problem is not in PHP, but in mod_fcgi configuration.
I wasn't able to reproduce it, but your fix is definitely wrong.
PHP must not fix configuration problems in such a way.
 [2007-05-11 08:35 UTC] dsimic99 at gmail dot com 
I completely agree that my "fix" is a really dirty one and things generally aren't supposed to be fixed that way -- you can see that I wrote "dirty" as a comment with that fix.  I had to push the server setup into production and couldn't wait any longer either for responds here, or for digging through the entire PHP's FastCGI interface source finding out the actual bug.

Could you, please, point out what's the actual problem with mod_fcgi configuration, so I could get it fixed the right way?
 [2007-05-11 09:31 UTC] dmitry@php.net 
As I said, I wasn't able to reproduce your configuration.
I use mod_fastcgi in some different way.

LoadModule fastcgi_module libexec/mod_fastcgi.so
FastCgiServer /usr/local/apache/cgi-bin/php -pass-header HTTP_AUTHORIZATION -flush -idle-timeout 60 -initial-env PHP_FCGI_CHILDREN=4
Action application/x-httpd-php /cgi-bin/php
AddType application/x-httpd-php .php
 [2007-05-11 09:39 UTC] dsimic99 at gmail dot com 
As I can see, you're using Static FastCGI server, while I have to use Dynamic FastCGI servers.  Could you try using the configuration I provided, just for testing purposes?
 [2007-05-11 10:31 UTC] dmitry@php.net 
The following configuration works for me.

httpd.conf
==========
...
LoadModule fastcgi_module libexec/mod_fastcgi.so
AddHandler php-fcgi .php
Action php-fcgi /cgi-bin/php.fpl
<Location /cgi-bin/php.fpl/*>
    Options ExecCGI
    SetHandler fastcgi-script
    Order Allow,Deny
    Allow from All
</Location>

/usr/local/apache/cgi-bin/php.fpl
=================================
#!/bin/sh
export PHP_FCGI_CHILDREN=0
export PHP_FCGI_MAX_REQUESTS=1000
exec /usr/local/apache/cgi-bin/php

===

It is nothing to fix in PHP!
 [2007-05-11 10:41 UTC] dsimic99 at gmail dot com 
Ok, and what happens when you point the browser to http://.../cgi-bin/php.fpl/random-garbage ?

Btw, are you using Apache 2.0.x, maybe that matters?  Also, I had the problems I described only with PHP5.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue May 21 23:01:31 2024 UTC