Bug #74252 Non-existent STDIN duplicates FD 0 instead of registering it as closed stream
Submitted: 2017-03-15 14:55 UTC Modified: 2019-09-17 15:30 UTC
From: kelunik@php.net Assigned: nikic (profile)
Status: Wont fix Package: Streams related
PHP Version: Irrelevant OS: Linux
Private report: No CVE-ID: None

 [2017-03-15 14:55 UTC] kelunik@php.net
Description:
------------
If no STDIN exists, STDIN is still registered as FD 0 instead of a closed stream. This results in scripts without STDIN reading from /dev/urandom, because that's opened and just uses the next free FD.

Instead of duplicating the FD in https://github.com/php/php-src/blob/16ae9f82e82e2aea5d7deaf8f9a9c825a56dfcc1/ext/standard/php_fopen_wrapper.c#L265 it should be registered as a closed stream.

See also https://github.com/reactphp/stream/issues/81.

Test script:
---------------
php -r 'var_dump(!!fstat(STDIN));passthru("ls -o /proc/".getmypid()."/fd");' <&-

Expected result:
----------------
STDIN should be a closed stream instead of /dev/urandom

Actual result:
--------------
STDIN is /dev/urandom

 [2017-03-16 11:55 UTC] kelunik@php.net
In fact, /dev/urandom is opened by some extension. With `./configure --disable-all` PHP segfaults with the same test case.


$ sapi/cli/php -r 'var_dump(!!fstat(STDIN));passthru("ls -o /proc/".getmypid()."/fd");' <&-
bool(false)
insgesamt 0
lr-x------ 1 kelunik 64 Mär 16 12:51 0 -> pipe:[7290202]
lrwx------ 1 kelunik 64 Mär 16 12:51 1 -> /dev/pts/1
lrwx------ 1 kelunik 64 Mär 16 12:51 2 -> /dev/pts/1
Speicherzugriffsfehler (Speicherabzug geschrieben)
 [2019-09-05 15:12 UTC] nikic@php.net
-Assigned To: +Assigned To: nikic
 [2019-09-06 12:30 UTC] nikic@php.net
The following pull request has been associated:

Patch Name: Handle closed stdio streams
On GitHub:  https://github.com/php/php-src/pull/4685
Patch:      https://github.com/php/php-src/pull/4685.patch
 [2019-09-17 15:30 UTC] nikic@php.net
-Status: Assigned +Status: Wont fix
 [2019-09-17 15:30 UTC] nikic@php.net
I've tried to address this in https://github.com/php/php-src/pull/4685, but failed because stdin already gets hijacked prior to main(). I think the only thing left to say here is that closed stdio streams are ill-defined (UB in C), and you should be piping /dev/null instead.
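
The descriptor reuse discussed in this report, and one way a C program can guard against it by attaching /dev/null to any closed stdio descriptor, as an added example that is not code from php-src or the linked pull request. The helper names `stdio_fd_is_open`, `next_fd_from_open` and `ensure_stdio_open` are hypothetical, and the example assumes a POSIX system with /dev/null.

```c
/* Added example; helper names are hypothetical, not php-src code. */
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* 1 if fd refers to an open file description, 0 if it is closed. */
int stdio_fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/* Number the kernel assigns to the next open(): POSIX requires the lowest
 * free descriptor, so with fd 0 closed an unrelated file becomes "stdin". */
int next_fd_from_open(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0)
        close(fd);
    return fd;
}

/* Attach /dev/null to each closed descriptor in 0..2. Must run before the
 * program opens anything else. Returns how many were repaired, -1 on error. */
int ensure_stdio_open(void)
{
    int repaired = 0;
    for (int fd = 0; fd <= 2; fd++) {
        if (stdio_fd_is_open(fd))
            continue;
        int nfd = open("/dev/null", fd == 0 ? O_RDONLY : O_WRONLY);
        if (nfd < 0)
            return -1;
        if (nfd != fd) {            /* only if another thread raced us */
            int rc = dup2(nfd, fd);
            close(nfd);
            if (rc < 0)
                return -1;
        }
        repaired++;
    }
    return repaired;
}

int main(void)
{
    /* Try it with stdin closed by the shell: ./a.out <&- */
    return ensure_stdio_open() < 0;
}
```

A guard like this only helps if it runs before any library or extension opens a file, which is the ordering problem the last comment describes.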
 
Last updated: Thu Nov 21 02:01:20 2019 UTC