php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #79723 sapi_cgi_read_post() ignores EOF
Submitted: 2020-06-21 18:58 UTC Modified: -
From: sam dot revitch at protonmail dot ch Assigned:
Status: Open Package: FPM related
PHP Version: 7.4.7 OS: Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2020-06-21 18:58 UTC] sam dot revitch at protonmail dot ch
Description:
------------
When FPM receives records:

FCGI_BEGIN_REQUEST,
FCGI_PARAMS, including CONTENT_LENGTH=x
one or more nonempty FCGI_STDIN, with a total data length of y < x, and
FCGI_STDIN end-of-stream (empty data)

And the script reads php://input to the end, the read will hang until the socket is closed.  This is because sapi_cgi_read_post() expects CONTENT_LENGTH bytes, and does not appear to honor the FastCGI end-of-stream indicator if it receives fewer.

This is an edge case.  I stumbled upon it using Apache, mod_proxy_fcgi, and mod_security, where mod_security aborts a request based on part of the body.  It's certainly a bug that Apache doesn't close the FastCGI socket or send an abort record.  However, PHP shouldn't be hanging indefinitely after receiving an end-of-stream.


Patches

fcgi-read-eos.patch (last revision 2020-06-21 18:59 UTC by sam dot revitch at protonmail dot ch)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-06-21 18:59 UTC] sam dot revitch at protonmail dot ch
The following patch has been added/updated:

Patch Name: fcgi-read-eos.patch
Revision:   1592765946
URL:        https://bugs.php.net/patch-display.php?bug=79723&patch=fcgi-read-eos.patch&revision=1592765946
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Oct 20 21:01:23 2020 UTC