php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #67427 SoapServer cannot handle large messages
Submitted: 2014-06-12 16:54 UTC Modified: 2015-03-30 15:29 UTC
Votes:5
Avg. Score:5.0 ± 0.0
Reproduced:4 of 4 (100.0%)
Same Version:2 (50.0%)
Same OS:3 (75.0%)
From: brandt at docoloc dot de Assigned:
Status: Closed Package: SOAP related
PHP Version: 5.6.7 OS: Linux, Debian jessie
Private report: No CVE-ID: None
View Developer Edit
 [2014-06-12 16:54 UTC] brandt at docoloc dot de 
Description:
------------
Since php-5.6.0 SOAP messages bigger than about 9.9MB (I haven't tested the exact value) are not processed correctly on the SoapServer. Instead a SoapFault "Bad Request" is returned to the SoapClient and PHP produces the following warning:

PHP Warning:  SoapServer::handle(): php://input:2: parser error : xmlSAX2Characters: huge text node in /var/www/soapapi/server.php on line 19
PHP Warning:  SoapServer::handle(): bLklQQOUHbKlsdztx6mvbvj7b3knhnQ7gWsl1p9tcrJeRKD02YBLAZUfeGfVh3xVS2+Inhh7Yaf4J8Ky in /var/www/soapapi/server.php on line 19
PHP Warning:  SoapServer::handle():                                                                                ^ in /var/www/soapapi/server.php on line 19

With php-5.5.12 the exact same code works fine with such big SOAP messages.

I guess libxml:XML_PARSE_HUGE needs to be set somewhere in order to process such big messages.




Test script:
---------------
At http://viking.docoloc.de/soapapi.tgz you can find a simple SOAP example, consisting of a WSDL file, a server.php as well as a client.php. This example allows uploading of files to the SOAP server which will return the file size in bytes. When using this code you need to set the correct hostname of the server in client.php as well as in SoapAPI.wsdl. 

When uploading a file up to a size of about 7MB everything works fine and client.php writes the number of bytes as returned from the SoapServer to stdout. But when uploading a file of 7.5MB (due to base64 encoding this produces a SOAP message of about 9.9MB) the SoapFault "Bad Request" is produced.

Patches

php5-soap_xmlParseFile-enable-huge.patch (last revision 2014-11-21 17:24 UTC by brandt at docoloc dot de)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-11-25 10:04 UTC] brandt at docoloc dot de
-PHP Version: 5.6.0beta4 +PHP Version: 5.6.2
 [2014-11-25 10:04 UTC] brandt at docoloc dot de 
The given patch solves the problem by setting libxml:XML_PARSE_HUGE in ext/soap/php_xml.c
 [2015-01-25 16:47 UTC] omars@php.net 
I don't think setting it globally is a good idea, they must have put that flag there for a reason. I'd recommend that it would be one of the options the user can set on demand.
 [2015-01-25 16:57 UTC] omars@php.net 
This can be a good reason why it shouldn't be enabled by default ever:
http://en.wikipedia.org/wiki/Billion_laughs
 [2015-02-16 14:19 UTC] felipe@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=40c60b8212b8ab18fd5bf9a426f99e42d9908f8e
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 [2015-02-16 14:19 UTC] felipe@php.net
-Status: Open +Status: Closed
 [2015-02-16 14:45 UTC] felipe@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=650098868ca952cd34b2b834b1bdbd284be62f1e
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 [2015-02-16 15:08 UTC] felipe@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e08bef442c63a3e0f9eac43d8f5e09213347d3ca
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 [2015-02-17 03:14 UTC] felipe@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e08bef442c63a3e0f9eac43d8f5e09213347d3ca
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 [2015-03-30 12:34 UTC] brandt at docoloc dot de
-Status: Closed +Status: Assigned -PHP Version: 5.6.2 +PHP Version: 5.6.7
 [2015-03-30 12:34 UTC] brandt at docoloc dot de 
The bug is still present in php 5.6.6 and also 5.6.7. It seems that it was closed in 5.4.38 only.
 [2015-03-30 14:08 UTC] tyrael@php.net
-Status: Assigned +Status: Feedback
 [2015-03-30 14:08 UTC] tyrael@php.net 
are you sure?
5.5 and 5.6 has the same fix as the one applied to 5.4:
http://git.php.net/?p=php-src.git;a=blob;f=ext/soap/php_xml.c;hb=refs/heads/PHP-5.4#l103
http://git.php.net/?p=php-src.git;a=blob;f=ext/soap/php_xml.c;hb=refs/heads/PHP-5.5#l103
http://git.php.net/?p=php-src.git;a=blob;f=ext/soap/php_xml.c;hb=refs/heads/PHP-5.6#l103
 [2015-03-30 15:29 UTC] brandt at docoloc dot de
-Status: Feedback +Status: Closed
 [2015-03-30 15:29 UTC] brandt at docoloc dot de 
Sorry, I tried only for 5.6.6 where this bug is not closed and looked into the changelog of 5.6.7 where the bug was not mentioned. However, the code of 5.6.7 contains the patch.
 [2016-07-20 11:39 UTC] davey@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=650098868ca952cd34b2b834b1bdbd284be62f1e
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 [2016-07-20 11:39 UTC] davey@php.net 
Automatic comment on behalf of felipensp@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=40c60b8212b8ab18fd5bf9a426f99e42d9908f8e
Log: - Fixed bug #67427 (SoapServer cannot handle large messages) patch by: brandt at docoloc dot de
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Tue Nov 04 14:00:01 2025 UTC