php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #66119 FPM full status produces invalid JSON with double quotes in query string
Submitted: 2013-11-19 16:51 UTC Modified: -
Votes:2
Avg. Score:4.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: andy at propcom dot co dot uk Assigned:
Status: Open Package: FPM related
PHP Version: 5.4.22 OS: CentOS
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: andy at propcom dot co dot uk
New email:
PHP Version: OS:

 

 [2013-11-19 16:51 UTC] andy at propcom dot co dot uk
Description:
------------
The query string of an FPM request is copied unescaped into the JSON output. If the query string contains an unescaped double quote, this causes invalid JSON to be output.

The query string is correctly escaped when output as HTML or XML, this needs extending to JSON:

https://github.com/php/php-src/blob/PHP-5.4.22/sapi/fpm/fpm/fpm_status.c#L421

Test script:
---------------
Note that most browsers will urlencode double quotes automatically so CURL (or equivalent) should be used to test.

curl 'http://localhost/sleep.php?test"foo' &

curl 'http://localhost/fpmstatus.php?json&full'


Expected result:
----------------
..."request uri":"/sleep.php?test\"foo"...

Actual result:
--------------
..."request uri":"/sleep.php?test"foo"...

Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Thu Dec 12 19:01:25 2019 UTC