php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #79723 sapi_cgi_read_post() ignores EOF
Submitted: 2020-06-21 18:58 UTC Modified: 2021-11-28 21:15 UTC
From: sam dot revitch at protonmail dot ch Assigned: bukka (profile)
Status: Assigned Package: FPM related
PHP Version: 7.4.7 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: sam dot revitch at protonmail dot ch
New email:
PHP Version: OS:

 

 [2020-06-21 18:58 UTC] sam dot revitch at protonmail dot ch 
Description:
------------
When FPM receives records:

FCGI_BEGIN_REQUEST,
FCGI_PARAMS, including CONTENT_LENGTH=x
one or more nonempty FCGI_STDIN, with a total data length of y < x, and
FCGI_STDIN end-of-stream (empty data)

And the script reads php://input to the end, the read will hang until the socket is closed.  This is because sapi_cgi_read_post() expects CONTENT_LENGTH bytes, and does not appear to honor the FastCGI end-of-stream indicator if it receives fewer.

This is an edge case.  I stumbled upon it using Apache, mod_proxy_fcgi, and mod_security, where mod_security aborts a request based on part of the body.  It's certainly a bug that Apache doesn't close the FastCGI socket or send an abort record.  However, PHP shouldn't be hanging indefinitely after receiving an end-of-stream.

Patches

fcgi-read-eos.patch (last revision 2020-06-21 18:59 UTC by sam dot revitch at protonmail dot ch)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-06-21 18:59 UTC] sam dot revitch at protonmail dot ch 
The following patch has been added/updated:

Patch Name: fcgi-read-eos.patch
Revision:   1592765946
URL:        https://bugs.php.net/patch-display.php?bug=79723&patch=fcgi-read-eos.patch&revision=1592765946
 [2021-11-28 21:15 UTC] bukka@php.net
-Assigned To: +Assigned To: bukk
 [2021-11-28 21:15 UTC] bukka@php.net 
This is related (sort of duplicate) to https://bugs.php.net/bug.php?id=51191 . The reasoning why it cannot be currently accepted can be found in
 [2021-11-28 21:15 UTC] bukka@php.net
-Assigned To: bukk +Assigned To: bukka
 [2021-11-28 21:15 UTC] bukka@php.net 
https://github.com/php/php-src/pull/7509
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jul 06 02:01:36 2025 UTC