Doc Bug #74611 php://input is available for multipart/form-data when post_max_size error
Submitted: 2017-05-18 14:32 UTC Modified: 2017-05-22 12:44 UTC
From: aki dot sen dot 1209 at gmail dot com Assigned:
Status: Verified Package: *General Issues
PHP Version: 7.1.5 OS: Windows and LINUX
Private report: No CVE-ID: None

 [2017-05-18 14:32 UTC] aki dot sen dot 1209 at gmail dot com
Description:
------------
So when we upload a binary file from an HTML form, PHP usually cannot use 'php://input', right?

We usually use $_FILES when we upload something binary.

But I discovered a loophole in it.
For example, you should set upload_max_filesize to '1024' and post_max_size to '1024' in php.ini.

Next you need to write 'ini_set("memory_limit", -1)' in the source code which you will execute.

So let's upload some binary file through the HTML form.
Then you would notice that '$_FILES' and '$_POST' are empty.
But you can extract the binary file from 'php://input'.
Let's use 'file_get_contents' to extract the binary file from the raw 'php://input'.

You would see a warning notice from PHP on the display, but you can see that the program was able to upload the binary file.


Test script:
---------------
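<?php
// Lift the memory limit so the whole request body can be read into memory.
ini_set("memory_limit", -1);
// Both arrays are empty when Content-Length exceeds post_max_size.
print_r($_FILES);
print_r($_POST);
print("<br >");
// Capture the raw request body from php://input via an output buffer.
ob_start();
print(file_get_contents("php://input"));
$get = ob_get_clean();
// Write the raw body to a timestamped file in /tmp.
file_put_contents("/tmp/".time(), $get);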





 [2017-05-18 15:06 UTC] requinix@php.net
-Summary: We use 'php://input', when we uploaded the binary file from html form.
+Summary: php://input is available for multipart/form-data when post_max_size error
-Status: Open
+Status: Verified
-Type: Bug
+Type: Documentation Problem
 [2017-05-18 15:06 UTC] requinix@php.net
PHP will read the request body (php://input) for multipart/form-data requests, which means it is not then available to read in userland. However PHP checks the Content-Length header first; if the value exceeds post_max_size then it will not read the body at all, thus making it available via php://input after all.

The docs for php://input
  http://php.net/manual/en/wrappers.php.php#wrappers.php.input
say simply that it is not available for multipart/form-data - I think this interesting edge case is worth mentioning, even if there's not much practical usage for it. However I'd keep it brief there and instead say more in the file uploads area.
  http://php.net/manual/en/features.file-upload.php
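
One way an upload handler can detect the case described above and refuse the request instead of reading php://input. This is an added example, not code from the report or from PHP itself; the function names ini_size_to_bytes and is_oversized_multipart are hypothetical.

```php
<?php
// Added example: names below are hypothetical, not part of PHP or the report.

/** Convert a php.ini shorthand size ("1024", "8M", "1G") to bytes. */
function ini_size_to_bytes(string $value): int
{
    $value  = trim($value);
    $number = (int) $value;               // leading digits, e.g. 8 from "8M"
    switch (strtoupper(substr($value, -1))) {
        case 'G': $number *= 1024;        // fall through
        case 'M': $number *= 1024;        // fall through
        case 'K': $number *= 1024;
    }
    return $number;
}

/**
 * True for a multipart/form-data POST whose declared Content-Length exceeds
 * post_max_size: the case where PHP skips body parsing, leaves $_POST and
 * $_FILES empty, and the raw body stays readable through php://input.
 */
function is_oversized_multipart(array $server, string $postMaxSize): bool
{
    $limit = ini_size_to_bytes($postMaxSize);
    if ($limit <= 0) {                    // post_max_size = 0 disables the limit
        return false;
    }
    $type   = strtolower($server['CONTENT_TYPE'] ?? '');
    $length = (int) ($server['CONTENT_LENGTH'] ?? 0);
    return ($server['REQUEST_METHOD'] ?? '') === 'POST'
        && strpos($type, 'multipart/form-data') === 0
        && $length > $limit;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample requests, using the post_max_size from the report.
    $small = ['REQUEST_METHOD' => 'POST', 'CONTENT_LENGTH' => '512',
              'CONTENT_TYPE' => 'multipart/form-data; boundary=x'];
    $large = ['CONTENT_LENGTH' => '4096'] + $small;
    var_dump(is_oversized_multipart($small, '1024'));
    var_dump(is_oversized_multipart($large, '1024'));
} elseif (is_oversized_multipart($_SERVER, (string) ini_get('post_max_size'))) {
    // Reject the request and never open php://input for it.
    http_response_code(413);
    exit('Upload exceeds post_max_size');
}
```

Run from the command line, the script exercises the two constructed requests; under a web SAPI the final branch acts as the guard at the top of an upload handler.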
 [2017-05-22 12:44 UTC] aki dot sen dot 1209 at gmail dot com
Sorry, I was late replying to you.
I see, I could understand the specification which 'php://input' has.
But does the PHP team have a plan to improve this specification?
Can PHP 7 or later also access 'php://input' which has 'multipart/form-data'?
If PHP has limits of post_max_size and upload_max_filesize, can PHP extract binary data from 'php://input'?
I think the problem is that PHP has this specification...
Sorry, I cannot write the C language.
Sorry, maybe I am saying something beside the point.
 
Last updated: Sun Nov 19 01:31:42 2017 UTC