Bug #78200 php-fpm doesn't prevent bogus Status-Line header to be send
Submitted: 2019-06-23 15:03 UTC Modified: 2019-06-27 12:05 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: vnsavage at gmail dot com Assigned:
Status: Verified Package: *General Issues
PHP Version: 7.2.19 OS: Debian
Private report: No CVE-ID: None
 [2019-06-23 15:03 UTC] vnsavage at gmail dot com
Description:
------------
PHP-FPM will not validate that the HTTP status line set in PHP is correct as described in rfc2616. Thus it will forward an incorrect CGI "Status:" response (which doesn't conform to rfc3875).

Test script:
---------------
Set this incorrect header from PHP: 

header( 'HTTP/1.1 Service Unavailable', true, 503 );

Then in sapi/fpm/fpm/fpm_main.c we have

                len = slprintf(buf, sizeof(buf), "Status:%s\r\n", s);

which results in "Status: Service Unavailable" sent to the CGI socket.


 [2019-06-27 12:01 UTC] sjon@php.net
-Status: Open +Status: Verified
 [2019-06-27 12:01 UTC] sjon@php.net
nginx responds with "502 Bad Gateway" and logs

> upstream sent invalid status "Service Unavailable" while reading response header from upstream,

While this is documented as such, maybe the header should be validated before being sent out
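
The validation suggested in the comment above could look like the following. This is an added example, not code from php-fpm or from the reporters; parse_status_line and format_cgi_status are hypothetical names. It assumes a line with no reason phrase ("HTTP/1.1 503") is accepted, and that a rejected line falls back to the numeric response code with an empty reason phrase.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not php-fpm code). Returns 1 and fills code/reason if
 * line is "HTTP/" 1*DIGIT "." 1*DIGIT SP 3DIGIT [SP reason], else 0. */
static int parse_status_line(const char *line, int *code, const char **reason)
{
    const char *p = line;
    if (strncmp(p, "HTTP/", 5) != 0) return 0;
    p += 5;
    if (!isdigit((unsigned char)*p)) return 0;
    while (isdigit((unsigned char)*p)) p++;
    if (*p++ != '.') return 0;
    if (!isdigit((unsigned char)*p)) return 0;
    while (isdigit((unsigned char)*p)) p++;
    if (*p++ != ' ') return 0;
    /* Status-Code must be exactly three digits. */
    if (!isdigit((unsigned char)p[0]) || !isdigit((unsigned char)p[1]) ||
        !isdigit((unsigned char)p[2])) return 0;
    *code = (p[0] - '0') * 100 + (p[1] - '0') * 10 + (p[2] - '0');
    p += 3;
    if (*code < 100 || (*p != ' ' && *p != '\0')) return 0;
    if (*p == ' ') p++;
    /* Reject control characters (CR, LF, ...) in the reason phrase. */
    for (const char *q = p; *q; q++)
        if (iscntrl((unsigned char)*q)) return 0;
    *reason = p;
    return 1;
}

/* Hypothetical helper: writes "Status:" status-code SP reason-phrase CRLF.
 * Returns 1 if the script's line was valid, 0 if it was discarded and only
 * the numeric response code (third argument of header()) was used. */
static int format_cgi_status(const char *line, int response_code,
                             char *buf, size_t size)
{
    int code = response_code;
    const char *reason = "";
    int ok = parse_status_line(line, &code, &reason);
    if (!ok) { code = response_code; reason = ""; } /* drop partial parse */
    snprintf(buf, size, "Status: %d %s\r\n", code, reason);
    return ok;
}

int main(void)
{
    char buf[128];
    /* Constructed input: the bogus line from the report. */
    int ok = format_cgi_status("HTTP/1.1 Service Unavailable", 503, buf, sizeof(buf));
    printf("valid=%d -> %s", ok, buf);
    return 0;
}
```

The return value lets the caller log a warning when the script's status line was discarded.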
 [2019-06-27 12:05 UTC] sjon@php.net
-Summary: php-fpm status parsing +Summary: php-fpm doesn't prevent bogus Status-Line header to be send