Bug #79889 shell_exec()ed CLI process contains $_SERVER['HTTP_*'] variables
Submitted: 2020-07-23 14:09 UTC Modified: 2020-07-24 18:38 UTC
Votes:4
Avg. Score:2.0 ± 1.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: ibrahim dot alexandru at gmail dot com Assigned:
Status: Open Package: CGI/CLI related
PHP Version: 7.4.8 OS: macOS
Private report: No CVE-ID: None
 [2020-07-23 14:09 UTC] ibrahim dot alexandru at gmail dot com
Description:
------------
When executing a php script through CLI that has been triggered with shell_exec() from a script that was running under Apache, the newly spawned cli script contains all the HTTP related variables in $_SERVER, and it shouldn't.



In apache config I have a VirtualHost with the following:

ScriptAlias /cgi-bin/ /usr/local/Cellar/php/7.4.8/bin/
AddHandler php-cgi php
Action php-cgi /cgi-bin/php-cgi

Test script:
---------------
<?php
echo '<pre>';
echo php_sapi_name().PHP_EOL;
if (php_sapi_name() == 'cli') {
	print_r($_SERVER);
} else {
	echo shell_exec('/usr/local/bin/php '.__FILE__);
}
echo '</pre>';


Actual result:
--------------
cgi-fcgi
cli
Array
(
    [SERVER_SIGNATURE] => 
    [ORIG_PATH_TRANSLATED] => /Volumes/Macintosh HD/Users/ibra/Documents/work/www/__work_projects/basicly/test.php
    [HTTP_SEC_FETCH_DEST] => document
    [HTTP_SEC_FETCH_USER] => ?1
    [HTTP_USER_AGENT] => Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36
    [SERVER_PORT] => 80
    [HTTP_HOST] => dev.localhost
    [REDIRECT_no_gzip] => 1
    [REDIRECT_HANDLER] => php-cgi
    [DOCUMENT_ROOT] => 
    [SCRIPT_FILENAME] => /Users/ibra/Documents/work/www/__work_projects/basicly/test.php
    [REQUEST_URI] => /basicly/test.php
    [SCRIPT_NAME] => /Users/ibra/Documents/work/www/__work_projects/basicly/test.php
    [__CF_USER_TEXT_ENCODING] => 0x46:0:0
    [HTTP_CONNECTION] => keep-alive
    [REMOTE_PORT] => 54901
    [no_gzip] => 1
    [ORIG_SCRIPT_FILENAME] => /usr/local/Cellar/php/7.4.8/bin/php-cgi
    [PATH] => /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/VMware Fusion.app/Contents/Public:/opt/X11/bin:/Library/Apple/usr/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Applications/Wireshark.app/Contents/MacOS
    [CONTEXT_PREFIX] => /cgi-bin/
    [PWD] => /Users/ibra/Documents/work/www/__work_projects/basicly
    [SERVER_ADMIN] => you@example.com
    [REQUEST_SCHEME] => http
    [REDIRECT_STATUS] => 200
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.9,ro;q=0.8
    [ORIG_SCRIPT_NAME] => /cgi-bin/php-cgi
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    [REMOTE_ADDR] => ::1
    [SHLVL] => 1
    [SERVER_NAME] => dev.localhost
    [SERVER_SOFTWARE] => Apache/2.4.43 (Unix) OpenSSL/1.1.1g PHP/7.4.8
    [HTTP_SEC_FETCH_MODE] => navigate
    [QUERY_STRING] => 
    [SERVER_ADDR] => ::1
    [GATEWAY_INTERFACE] => CGI/1.1
    [HTTP_UPGRADE_INSECURE_REQUESTS] => 1
    [SERVER_PROTOCOL] => HTTP/1.1
    [HTTP_ACCEPT_ENCODING] => gzip, deflate, br
    [HTTP_CACHE_CONTROL] => max-age=0
    [REDIRECT_URL] => /basicly/test.php
    [HTTP_SEC_FETCH_SITE] => none
    [REQUEST_METHOD] => GET
    [HTTP_COOKIE] => iact_ECMSIMCO=b77hemh4vpum0qnoosjl39btju; _ga=GA1.2.2114080618.1579620442; iact_VENEDGE=020enm3i9kihfdrf16glq80s7o; TEXTEDLY_v2_lang=en; px_anonymousId=848ea8ec-03d6-2268-1f9d-7a9efb4a9c99; ajs_anonymous_id=%22848ea8ec-03d6-2268-1f9d-7a9efb4a9c99%22; __stripe_mid=1dea8218-0664-49f5-b0d1-bbb7dc62fc82; PHPSESSID=t5nfctqv6na7do971vfmae9fdj; TEXTEDLY_v2_logged_userdata=28d4cc7b19e27ee2f1746d8b5eabb0e5; TEXTEDLY_v2_auth=28d4cc7b19e27ee2f1746d8b5eabb0e5; _gcl_au=1.1.523438538.1588778051; TEXTEDLY_v2-toggle=false; _delighted_web={%22C1ilulsh64lroAwc%22:{%22_delighted_fst%22:{%22t%22:%221595244303260%22}}}; intercom-session-goeihfsj=aGg4dW80aGFUZVpvK1F4RUJQTUhVenNUcXpOWlZzVy93NW1sNzU5MjBuNXZKSWU3K0xpT21VS2p0QStYdlJCTy0tM2dRM0RPeFh1TXdkeHZYSlpNYVJZQT09--98d794fd0e98a6363dc84f7356776271e8223b9f; XDEBUG_SESSION=PHPSTORM
    [ORIG_PATH_INFO] => /basicly/test.php
    [CONTEXT_DOCUMENT_ROOT] => /usr/local/Cellar/php/7.4.8/bin/
    [_] => /usr/local/bin/php
    [PHP_SELF] => /Users/ibra/Documents/work/www/__work_projects/basicly/test.php
    [PATH_TRANSLATED] => /Users/ibra/Documents/work/www/__work_projects/basicly/test.php
    [REQUEST_TIME_FLOAT] => 1595512781.5624
    [REQUEST_TIME] => 1595512781
    [argv] => Array
        (
            [0] => /Users/ibra/Documents/work/www/__work_projects/basicly/test.php
        )

    [argc] => 1
)

 [2020-07-23 20:55 UTC] requinix@php.net
-Summary: CLI process contains $_SERVER['HTTP_*'] variables
+Summary: shell_exec()ed CLI process contains $_SERVER['HTTP_*'] variables
 [2020-07-23 20:55 UTC] requinix@php.net
Pretty sure shell_exec() will reuse the environment... Which means you need to be using a different function where you can control what's present in the environment.
 [2020-07-24 08:36 UTC] ibrahim dot alexandru at gmail dot com
It could be, but if I run the same script under a PHP installed as an Apache module instead of CGI, I get a more expected result, like below:

------------

apache2handler
cli
Array
(
    [TERM] => xterm-256color
    [SHELL] => /bin/sh
    [USER] => root
    [SUDO_USER] => ibra
    [SUDO_UID] => 501
    [SSH_AUTH_SOCK] => /private/tmp/com.apple.launchd.mZTvWkrOyN/Listeners
    [__CF_USER_TEXT_ENCODING] => 0x46:0:0
    [PATH] => /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/VMware Fusion.app/Contents/Public:/opt/X11/bin:/Library/Apple/usr/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Applications/Wireshark.app/Contents/MacOS
    [MAIL] => /var/mail/root
    [_] => /usr/local/bin/php
    [PWD] => /Users/ibra/Documents/work/www
    [HOME] => /Users/ibra
    [SUDO_COMMAND] => /usr/local/bin/apachectl restart
    [SHLVL] => 2
    [LOGNAME] => root
    [LC_CTYPE] => UTF-8
    [DISPLAY] => /private/tmp/com.apple.launchd.UjxqYiGZnM/org.macosforge.xquartz:0
    [SUDO_GID] => 20
    [PHP_SELF] => /Users/ibra/Documents/work/www/test.php
    [SCRIPT_NAME] => /Users/ibra/Documents/work/www/test.php
    [SCRIPT_FILENAME] => /Users/ibra/Documents/work/www/test.php
    [PATH_TRANSLATED] => /Users/ibra/Documents/work/www/test.php
    [DOCUMENT_ROOT] => 
    [REQUEST_TIME_FLOAT] => 1595579540.9974
    [REQUEST_TIME] => 1595579540
    [argv] => Array
        (
            [0] => /Users/ibra/Documents/work/www/test.php
        )

    [argc] => 1
)
 [2020-07-24 18:38 UTC] requinix@php.net
CGI mode sends information through environment variables. Apache modules do not.
 [2020-07-25 07:39 UTC] Ibrahim dot alexandru at gmail dot com
Ok, I see. Thank you!
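
What "a different function where you can control what's present in the environment" can look like, as an added example that is not part of the original thread: proc_open() accepts an explicit environment array, so the CLI child receives an allowlist instead of the CGI request variables (HTTP_COOKIE, REMOTE_ADDR and the rest). The helper names build_child_env() and run_clean(), the allowlist and the sample values are assumptions; run the demo from the CLI.

```php
<?php
// Added example, not code from the bug report. build_child_env() and
// run_clean() are hypothetical helper names.

/** Keep only allowlisted variables; CGI request data never reaches the child. */
function build_child_env(array $parentEnv, array $allow): array
{
    return array_intersect_key($parentEnv, array_flip($allow));
}

/**
 * Run a command with no shell and an explicit environment.
 * The array form of $command (PHP >= 7.4) skips /bin/sh, and the fifth
 * argument replaces the inherited environment rather than extending it.
 */
function run_clean(array $command, array $env): string
{
    // Only stdout is piped; stderr stays on the parent's stderr.
    $proc = proc_open($command, [1 => ['pipe', 'w']], $pipes, null, $env);
    if (!is_resource($proc)) {
        throw new RuntimeException('proc_open failed');
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return $out;
}

// Constructed sample of a php-cgi environment (values are made up).
// In the real web script, pass getenv() here instead.
$cgiEnv = [
    'PATH'            => '/usr/local/bin:/usr/bin:/bin',
    'HTTP_HOST'       => 'dev.localhost',
    'HTTP_COOKIE'     => 'PHPSESSID=constructed-sample-value',
    'REMOTE_ADDR'     => '::1',
    'REQUEST_URI'     => '/basicly/test.php',
    'REDIRECT_STATUS' => '200',
];
$childEnv = build_child_env($cgiEnv, ['PATH', 'LANG', 'TZ']);

// The child lists the names of the variables it received.
// PHP_BINARY is the CLI binary when this demo is run from the CLI; under
// CGI, give the path to the CLI binary explicitly, as the report does.
$child = 'echo implode(",", array_keys(getenv())), PHP_EOL;';
echo run_clean([PHP_BINARY, '-r', $child], $childEnv);
```

An allowlist is used rather than stripping HTTP_* because CGI also exports request data under other names, as the report's output shows (REQUEST_URI, QUERY_STRING, REMOTE_ADDR, REDIRECT_*).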
 