php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #70766 A simple code that file happen to changed into a buffer loop!
Submitted: 2015-10-22 06:11 UTC Modified: 2015-10-25 09:52 UTC
From: a dot x dot l at live dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.4.45 OS: win,*nix
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
37 - 24 = ?
Subscribe to this entry?

 
 [2015-10-22 06:11 UTC] a dot x dot l at live dot com 
Description:
------------
Will, while i was coding a simple PHP code for practice I run into this bug witch i found out that it start making many sessions by it self and start looping until the Apache process is full(The code have no loops).
I tested it on windows, *nix in v 5.4.* I believe its the same on other versions.

Test script:
---------------
<?php

function p404curl($url){
	$ch = curl_init();      
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
        curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
        return curl_exec($ch);
}

if (strtolower(substr(PHP_OS,0,3))=="win")
    $sys='win';
 else
    $sys='unix';

$me = basename(__FILE__ );
$uul = $_SERVER['PHP_SELF'];
$rew = md5(time());
$uul = str_replace($_SERVER['REQUEST_URI'],$rew,$uul);
$uul= 'http://'.$_SERVER['HTTP_HOST'].$uul;
$uul1 = $_SERVER['REQUEST_URI'];
$uul = str_replace($rew,$_SERVER['REQUEST_URI'],$uul);

$d404 = 'e';
if ($sys == 'win'){
	if (!isset($_SESSION['hidden']) || !file_exists('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1))){
		$p404 = p404curl($uul) or $d404;
		file_put_contents("C:\\Users\\Default\\AppData\\Local\\Temp\\".md5($uul1),$p404);
		$_SESSION['hidden'] = md5($uul1);
	}else{
		$p404 = file_get_contents('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1));
	}
}else{
	if (!isset($_SESSION['hidden']) || !file_exists('/tmp/'.md5($uul1))){
		$p404 = p404curl($uul) or $d404;
		file_put_contents('/tmp/'.md5($uul1),$p404);
		$_SESSION['hidden'] = md5($uul1);
		
	}else{
		$p404 = file_get_contents('/tmp/'.md5($uul1));
		
	}
}

echo $p404;
	die();

Expected result:
----------------
nothing the web page will keep on loading and the server will be down, because apache will be full.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-10-25 09:52 UTC] ab@php.net
-Status: Open +Status: Not a bug
 [2015-10-25 09:52 UTC] ab@php.net 
Looks like your script creates a request loop to the script self. You also omit several error checks that are essential for the script to terminate in order to correspond to your intended behavior. If you still think it's a bug in PHP, please create a simpler script reproducing the issue.

Thanks.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu May 02 21:01:31 2024 UTC