php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #6642 Userspace exploit crashes web-serving machine
Submitted: 2000-09-09 15:01 UTC Modified: 2002-01-28 20:05 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:0 of 1 (0.0%)
From: macabre at fl dot rr dot com Assigned:
Status: Not a bug Package: Feature/Change Request
PHP Version: 4.0.2 OS: Debian/Linux kernel 2.2.17
Private report: No CVE-ID: None
 [2000-09-09 15:01 UTC] macabre at fl dot rr dot com
Using: Apache 1.3.12/PHP4 with MySQL support

I have recently discovered a bug in PHP 4 (but not specifically 4)
which unviels the fact that any user on the system can crash the machine
with a very simple PHP document.  They can do this by using the Include()
function to include the same document being loaded, causing a serious recursion problem which will quickly max out CPU and memory usage of the web-serving machine, especially if a phpInfo() call is done before the Include()

I am currently working on a patch for this.

Here is the exploitable code:

index.php:

<html lang="en">
<body>
<?php phpInfo(); ?>
<?php Include("./index.php"); ?>
</body>
</html>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-28 20:05 UTC] yohgaki@php.net
Including script itself is perfectly valid just like recursive function call.
It's user's responsibitily not to write script that executes the same portion of code forever.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Dec 10 19:01:27 2024 UTC