php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61471 Incomplete POST does not timeout but is passed to PHP
Submitted: 2012-03-22 08:02 UTC Modified: 2017-03-28 11:35 UTC
Votes:15
Avg. Score:4.4 ± 0.9
Reproduced:12 of 13 (92.3%)
Same Version:7 (58.3%)
Same OS:10 (83.3%)
From: jakub dot lopuszanski at nasza-klasa dot pl Assigned:
Status: Re-Opened Package: Apache2 related
PHP Version: Irrelevant OS: linux
Private report: No CVE-ID: None
 [2012-03-22 08:02 UTC] jakub dot lopuszanski at nasza-klasa dot pl
Description:
------------
When a user has a really slow connection (we experienced the problem with POSTs 
longer than single TCP/IP frame) it may happen, that in expected amount of time 
the number of POST body bytes transmited is less than announced in Content-Length 
header.

It seems, that even with the mod_reqtimeout installed and configured, apache2 
happilly passes the request to PHP interpreter, with $_POST set to an empty array.

It does so if the reqeusted page is a PHP script, which is inconsistent with the 
way a static HTML file is handled (400 Bad Request).

Test script:
---------------
I assume you have a script with var_dump($_POST) on the server.
Please note how 1755 is much greater than "foo=bar" length

netcat localhost 80

POST / HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 1755

foo=bar


Expected result:
----------------
408 Request Timeout
or
504 Gateway Timeout
or
400 Bad Request
or in the worst case 
200 OK
array(1){
  "foo" => "bar"
}

Actual result:
--------------
200 OK
array(0){
}

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-12-29 07:56 UTC] laruence@php.net
Automatic comment on behalf of z-shao@colopl.co.jp
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9b65a10256e244a6d80027c943b163dd1643abe2
Log: bug fixed #61471 in apache2handler
 [2016-12-29 07:56 UTC] laruence@php.net
-Status: Open +Status: Closed
 [2017-01-05 13:06 UTC] ab@php.net
-Status: Closed +Status: Re-Opened
 [2017-01-05 13:06 UTC] ab@php.net
The patch was reverted due to issues, see https://github.com/php/php-src/pull/2180 . Reopening.

Thanks.
 [2017-02-08 00:11 UTC] nikic@php.net
Automatic comment on behalf of z-shao@colopl.co.jp
Revision: http://git.php.net/?p=php-src.git;a=commit;h=80c8d84af303d2fddc9ba9f181c7117b9040811d
Log: Fixed bug #61471
 [2017-02-08 00:11 UTC] nikic@php.net
-Status: Re-Opened +Status: Closed
 [2017-03-28 11:19 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=ef8632c9dc5c4827a47c5b226ad5a0a9cb93326e
Log: Revert "Fixed bug #61471"
 [2017-03-28 11:24 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=825f006117046e28a662545f13ee01e0df3977ac
Log: Revert "Fixed bug #61471"
 [2017-03-28 11:35 UTC] ab@php.net
-Status: Closed +Status: Re-Opened
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Oct 16 07:01:27 2024 UTC