php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60056 Basic authorization crashes Windows CLI web server
Submitted: 2011-10-13 16:37 UTC Modified: 2011-10-16 10:33 UTC
From: david dot gero at ec dot gc dot ca Assigned: pajoye (profile)
Status: Closed Package: Built-in web server
PHP Version: 5.4.0beta1 OS: Windows XP
Private report: No CVE-ID: None
 [2011-10-13 16:37 UTC] david dot gero at ec dot gc dot ca
Description:
------------
The attached "Patch file" is actually a PHP program that shows the problem.

Command line was: php -S 127.0.0.1:8000 -t \html

In a browser, goto http://localhost:8000/basic-auth-test.php

1. First error is that the browser's authorization request displays "at 0" instead of "at Admin Area", meaning the PHP CLI server is not sending the realm correctly.

2. Second error is that the PHP CLI server crashes when the browser sends the Authorization: Basic <base64 userid:password>

Test script:
---------------
Patch file below is test script

Expected result:
----------------
Expect the PHP CLI server not to crash, and to see the following at the browser:

Success!
You have been authorized as user: foo

Actual result:
--------------
Windows PHP CLI server crashes

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-10-13 16:45 UTC] david dot gero at ec dot gc dot ca
Sigh.  Your bug system wouldn't let me upload the PHP file, saying it was "text/x-php", which apparently isn't text.  So here it is:

<?php
/*! \file basic-auth-test.php
 *  \brief Test that basic authorization works even if web server doesn't do it
 */

function doauthreq() {
	header('WWW-Authenticate: Basic realm="Admin Area"');
	header((isset($_SERVER["SERVER_PROTOCOL"]) ? $_SERVER["SERVER_PROTOCOL"] : 'HTTP/1.0') . ' 401 Unauthorized');
?><!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<?php if (isset($_SERVER['SERVER_SIGNATURE'])) echo '<hr>', PHP_EOL, $_SERVER['SERVER_SIGNATURE'], PHP_EOL; ?>
</body></html>
<?php
	exit();
}

if ((!isset($_SERVER["PHP_AUTH_USER"])) || !isset($_SERVER["PHP_AUTH_PW"])) {
	if (isset($_SERVER["REMOTE_USER"]) && ini_get("safe_mode")) {
		// web server did authentication, but safe_mode is hiding PHP_AUTH_PW
		$php_auth_user = preg_replace('/[^[:alnum:]\\xC0-\\xD6\\xD8-\\xF6\\xF8-\\xFF @.\'_-]+/', '', $_SERVER["REMOTE_USER"]);
		$_SERVER["PHP_AUTH_USER"] = $php_auth_user;
		$_SERVER["PHP_AUTH_PW"] = 'testing';
	} else {
		// web server not restricting access, request browser authentication
		doauthreq();
	}
} else if (!isset($_SERVER["REMOTE_USER"])) {
	// web server not restricting access, browser has responded with authentication
	if (strcmp($_SERVER['PHP_AUTH_PW'], 'testing') != 0) doauthreq();
}
?>
<html>
<head>
<title>Basic Authorization Test</title>
</head>
<body bgcolor="white">
<h1>Basic Authorization Test</h1>
<p>Success!<br />
You have been authorized as user: <?php echo $_SERVER["PHP_AUTH_USER"]; ?></p>
</body>
</html>
 [2011-10-13 19:13 UTC] david dot gero at ec dot gc dot ca
The first error happens at line 805 of main/SAPI.c
 [2011-10-13 20:10 UTC] david dot gero at ec dot gc dot ca
The second error probably happens on lines 1766 and 1869 of sapi/cli/php_cli_server.c where you are using Z_STRVAL_PP(val) instead of just *val

request.headers are strings, not Z_STRs

Look at the other examples of zend_hash_find in php_cli_server.c
 [2011-10-13 20:33 UTC] david dot gero at ec dot gc dot ca
-Package: CGI/CLI related +Package: Built-in web server
 [2011-10-13 20:33 UTC] david dot gero at ec dot gc dot ca
Package: should be PHP built-in web server related
 [2011-10-15 15:54 UTC] cataphract@php.net
-Status: Open +Status: Feedback
 [2011-10-15 15:54 UTC] cataphract@php.net
Please try using this snapshot:

  http://snaps.php.net/php5.4-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

This appears to have already been fixed.
 [2011-10-16 01:08 UTC] laruence@php.net
see #55755,  fixed already,  thanks
 [2011-10-16 10:33 UTC] pajoye@php.net
-Status: Feedback +Status: Closed -Assigned To: +Assigned To: pajoye
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Wed Dec 02 04:01:24 2020 UTC