|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73778 FCGI_END_REQUEST repeated
Submitted: 2016-12-17 23:32 UTC Modified: 2017-01-11 05:56 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: max dot bruce12 at gmail dot com Assigned: krakjoe (profile)
Status: Closed Package: FPM related
PHP Version: 7.1.0 OS: Ubuntu 16.04
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: max dot bruce12 at gmail dot com
New email:
PHP Version: OS:


 [2016-12-17 23:32 UTC] max dot bruce12 at gmail dot com
When writing a web server that interfaces with PHP-FPM (PHP 7.0.8-0ubuntu0.16.04.3 (fpm-fcgi)), I noticed that extra FCGI_END_REQUESTs were sent after each request when using sending requests sequentially but not multiplexed. This happened using all 0's for request ids or sequential ids. 

Test script:
Send a request to the FCGI server.
Attempt to send another request or simply wait perhaps, on the same connection.

Actual result:
Caused misordered pages in my implementation which wasn't expecting extra end-requests, could allow users to interfere with others loading of web pages. Very insecure if not handled.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-11 05:56 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: krakjoe
 [2017-01-11 05:56 UTC]
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at

 For Windows:
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sat Jan 28 01:03:46 2023 UTC