Bug #79691 Lack of error checking in `posix_kill`
Submitted: 2020-06-11 22:48 UTC Modified: 2020-06-12 07:29 UTC
From: srivas41 at purdue dot edu Assigned:
Status: Not a bug Package: POSIX related
PHP Version: 7.4.7 OS: Ubuntu 16.04
Private report: No CVE-ID: None
 [2020-06-11 22:48 UTC] srivas41 at purdue dot edu
Description:
------------
`Posix_kill` lacks error checking for undefined variables passed and instead gets typecasted to `0` somehow owing to the internal implementation. As specified in the kill(2) manpage, `If pid equals 0, then sig is sent to every process in the process group of the calling process.` Therefore, `posix_kill` will incorrectly send the signal to all processes in the process group which includes the interpreter itself.

This behavior can be detrimental if a developer mistakenly passes an undefined variable to `posix_kill`. This behavior is reproducible with the script specified below. The script sends SIGHUP to the interpreter and exits prematurely due to lack of error checking for undefined variables in `posix_kill`. Therefore, before printing the last echo statement, `posix_kill` passes SIGHUP to the interpreter itself, exiting prematurely.

Test script:
---------------
```php
<?php
echo "Testing Posix kill\n";
$signal_number=1; //SIGHUP=1
posix_kill($DUMMY, $signal_number); // $DUMMY is undefined
echo "Posix kill can error check for undefined variables!";
?>
```

Expected result:
----------------
Ideally, the PHP interpreter should raise an error for an undefined variable for the above test script instead of just weakly typing the undefined variable to `0`.

Actual result:
--------------
The message displayed would be something like:
```
Testing Posix kill
[2] <PHP Interpreter PID> hangup ./sapi/cli/php -f test.php
```

History

 [2020-06-11 23:02 UTC] requinix@php.net
-Status: Open +Status: Feedback -Package: Reproducible crash +Package: POSIX related
 [2020-06-11 23:02 UTC] requinix@php.net
PHP does warn about the undefined variable. If you can't see the warning then you don't have the appropriate error settings enabled.
 [2020-06-11 23:20 UTC] srivas41 at purdue dot edu
-Status: Feedback +Status: Open
 [2020-06-11 23:20 UTC] srivas41 at purdue dot edu
Could you specify which set of configuration flags enables PHP to warn about the undefined variable in this specific case? I built with ``./buildconf && ./configure --enable-werror && make -j`nproc` ``. No error or warning was emitted while running the test script.
 [2020-06-11 23:24 UTC] requinix@php.net
-Status: Open +Status: Feedback
 [2020-06-11 23:24 UTC] requinix@php.net
They're php.ini settings.

display_errors = on
error_reporting = =-1

https://www.php.net/manual/en/errorfunc.configuration.php
 [2020-06-11 23:25 UTC] requinix@php.net
Mind the typo.
 [2020-06-11 23:54 UTC] srivas41 at purdue dot edu
-Status: Feedback +Status: Open
 [2020-06-11 23:54 UTC] srivas41 at purdue dot edu
Okay, it does emit a warning with the `php.ini` configurations you specified. Currently, this warning is emitted at `E_ALL`. Do you think it would be better if it was flagged as an error such as `E_ERROR` or `E_COMPILE_ERROR` instead? Since in this particular case the variable being undefined can have unintended side-effects.
 [2020-06-12 00:48 UTC] requinix@php.net
-Status: Open +Status: Not a bug
 [2020-06-12 00:48 UTC] requinix@php.net
E_ERROR is fatal and E_COMPILE_ERROR is for compilation errors.

E_WARNING is appropriate.

Use an IDE that can identify these sorts of problems for you, and always make sure that errors are being logged or outputted to somewhere you can monitor.
 [2020-06-12 07:29 UTC] nikic@php.net
Undefined variables were changed from E_NOTICE to E_WARNING in PHP 8.0. Additionally, E_ALL is now used as the default error reporting level.

Unfortunately elevating undefined variables to an exception did not reach consensus. Apparently some legacy code intentionally uses undefined variables.
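
A defensive pattern for the failure mode discussed in this report, as an added example that is not part of the original thread or of PHP's own code: the error handler promotes the undefined-variable diagnostic to an exception, and `safe_kill` (a hypothetical wrapper name) refuses any pid that kill(2) would interpret as a process group or broadcast target.

```php
<?php
declare(strict_types=1);

// Promote every reported diagnostic (including "Undefined variable",
// E_NOTICE on PHP 7.4 and E_WARNING on PHP 8.0+) to an exception, so
// execution stops before the bad value reaches posix_kill().
error_reporting(E_ALL);
set_error_handler(function (int $severity, string $message, string $file, int $line): bool {
    if (!(error_reporting() & $severity)) {
        return false; // respect the current reporting mask
    }
    throw new ErrorException($message, 0, $severity, $file, $line);
});

/**
 * Hypothetical wrapper (not a PHP built-in): signal exactly one process.
 * kill(2) treats pid 0 as "caller's process group", -1 as "every process
 * the caller may signal" and other negatives as a process group, so only
 * strictly positive integer pids are accepted here.
 */
function safe_kill($pid, int $signal): bool
{
    if (!is_int($pid) || $pid <= 0) {
        throw new InvalidArgumentException(
            'refusing to signal pid ' . var_export($pid, true)
        );
    }
    return posix_kill($pid, $signal);
}

// Constructed inputs: null is what an undefined variable evaluates to.
foreach ([null, 0, -1, '0'] as $bad) {
    try {
        safe_kill($bad, 0);
        echo "BUG: accepted ", var_export($bad, true), "\n";
    } catch (InvalidArgumentException $e) {
        echo $e->getMessage(), "\n";
    }
}

// Signal 0 only performs the existence/permission check; nothing is delivered.
var_dump(safe_kill(posix_getpid(), 0));

try {
    safe_kill($DUMMY, 1); // $DUMMY is undefined, as in the report's script
} catch (ErrorException $e) {
    echo "stopped: ", $e->getMessage(), "\n";
}
```

Either layer alone prevents the self-inflicted SIGHUP from the test script: the handler stops evaluation of the undefined argument, and the wrapper rejects the resulting `null` if the diagnostic is suppressed.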
 
Last updated: Fri Apr 19 05:01:29 2024 UTC