php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #70766 A simple code that file happen to changed into a buffer loop!
Submitted: 2015-10-22 06:11 UTC Modified: 2015-10-25 09:52 UTC
From: a dot x dot l at live dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.4.45 OS: win,*nix
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: a dot x dot l at live dot com
New email:
PHP Version: OS:

 

 [2015-10-22 06:11 UTC] a dot x dot l at live dot com 
Description:
------------
Will, while i was coding a simple PHP code for practice I run into this bug witch i found out that it start making many sessions by it self and start looping until the Apache process is full(The code have no loops).
I tested it on windows, *nix in v 5.4.* I believe its the same on other versions.

Test script:
---------------
<?php

function p404curl($url){
	$ch = curl_init();      
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
        curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
        return curl_exec($ch);
}

if (strtolower(substr(PHP_OS,0,3))=="win")
    $sys='win';
 else
    $sys='unix';

$me = basename(__FILE__ );
$uul = $_SERVER['PHP_SELF'];
$rew = md5(time());
$uul = str_replace($_SERVER['REQUEST_URI'],$rew,$uul);
$uul= 'http://'.$_SERVER['HTTP_HOST'].$uul;
$uul1 = $_SERVER['REQUEST_URI'];
$uul = str_replace($rew,$_SERVER['REQUEST_URI'],$uul);

$d404 = 'e';
if ($sys == 'win'){
	if (!isset($_SESSION['hidden']) || !file_exists('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1))){
		$p404 = p404curl($uul) or $d404;
		file_put_contents("C:\\Users\\Default\\AppData\\Local\\Temp\\".md5($uul1),$p404);
		$_SESSION['hidden'] = md5($uul1);
	}else{
		$p404 = file_get_contents('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1));
	}
}else{
	if (!isset($_SESSION['hidden']) || !file_exists('/tmp/'.md5($uul1))){
		$p404 = p404curl($uul) or $d404;
		file_put_contents('/tmp/'.md5($uul1),$p404);
		$_SESSION['hidden'] = md5($uul1);
		
	}else{
		$p404 = file_get_contents('/tmp/'.md5($uul1));
		
	}
}

echo $p404;
	die();

Expected result:
----------------
nothing the web page will keep on loading and the server will be down, because apache will be full.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-10-25 09:52 UTC] ab@php.net
-Status: Open +Status: Not a bug
 [2015-10-25 09:52 UTC] ab@php.net 
Looks like your script creates a request loop to the script self. You also omit several error checks that are essential for the script to terminate in order to correspond to your intended behavior. If you still think it's a bug in PHP, please create a simpler script reproducing the issue.

Thanks.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 03 01:01:33 2024 UTC