PHP :: Bug #47149 :: Recent CGI patches completely break functionality with Apache

Bug #47149	Recent CGI patches completely break functionality with Apache
Submitted:	2009-01-19 12:36 UTC	Modified:	2009-01-19 19:00 UTC
From:	daniel dot gorski at develnet dot org	Assigned:	dsp (profile)
Status:	Closed	Package:	CGI/CLI related
PHP Version:	5.3.0alpha3	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	daniel dot gorski at develnet dot org
New email:
PHP Version:		OS:

New/Additional Comment:

[2009-01-19 12:36 UTC] daniel dot gorski at develnet dot org

Description:
------------
The recent patch in sapi/cgi/cgi_main.c breaks the functionality with Apache.

This is the culprit: <http://news.php.net/php.cvs/55503>

- if (env_path_translated != NULL && env_redirect_url != NULL) {
+ if (env_path_translated != NULL && env_redirect_url != NULL &&
+     orig_script_filename != NULL && script_path_translated != NULL &&
+     strcmp(orig_script_filename, script_path_translated) != 0) {

The result is, that Apache tries to *parse* the CGI binary as it would be a PHP file. Requests to this CGI emit following:

Warning: Unexpected character in input: '' (ASCII=15) state=0 in /mnt/dev/php-bin/cgi on line 356
Warning: Unexpected character in input: '' (ASCII=2) state=0 in /mnt/dev/php-bin/cgi on line 356 Warning: Unexpected character in input: ' in /mnt/dev/php-bin/cgi on line 356
Warning: Unexpected character in input: ' in /mnt/dev/php-bin/cgi on line 356 Parse error: syntax error, unexpected T_STRING in /mnt/dev/php-bin/cgi on line 356 

... where /mnt/dev/php-bin/cgi is the PHP CGI binary.

This used to work before the patch in question and works again if I revert this patch.

The CGI configuration settings in my httpd.conf are staight forward:

  ScriptAlias /php-bin "/home/goosh/dev/php-bin"
  <Directory "/home/goosh/dev/php-bin">
      AllowOverride All
      Options All
      Order allow,deny
      Allow from all
  </Directory>
  <IfModule mod_cgi.c>
      AddHandler   php5-script .php .html
      Action       php5-script /php-bin/cgi
  </IfModule>

My Apache httpd version is Apache/2.2.8

regards dtg

Reproduce code:
---------------
-

Expected result:
----------------
Working PHP via the CG interface.

Actual result:
--------------
Trash, CGI not working.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-01-19 12:59 UTC] jani@php.net

David, you break, you fix. ;)

[2009-01-19 19:00 UTC] dsp@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 19:01:33 2024 UTC