Date: 12/29/00
- Next message: sniper <email protected>: "[PHP-DEV] PHP 4.0 Bug #8463 Updated: Using internal function in usort call segfaults"
- Previous message: jhostetler <email protected>: "[PHP-DEV] PHP 4.0 Bug #8479: bison "-S" arg unrecogized in Zend.dsp"
- Next in thread: jmoore <email protected>: "[PHP-DEV] PHP 4.0 Bug #6642 Updated: Userspace exploit crashes web-serving machine"
- Maybe reply: jmoore <email protected>: "[PHP-DEV] PHP 4.0 Bug #6642 Updated: Userspace exploit crashes web-serving machine"
ID: 6642
Updated by: jmoore
Reported By: macabre <email protected>
Status: Assigned
Old-Bug Type: Reproduceable crash
Bug Type: Feature/Change Request
Assigned To: jmoore
Comments:
OK, for me it isn't that bad. Each Apache process dies in turn, but the computer is still 100% usable even with 1000 requests; the usage of Apache grows, then Apache becomes defunct, at which point another process is started.
This is with Apache as mod_php and CGI.
Changing this to a feature change request as you're asking that a script cannot include itself.
James
Previous Comments:
---------------------------------------------------------------------------
[2000-12-23 21:07:12] jmoore <email protected>
I will test to see if this is the case; if so, I doubt there will be a fix due to speed, but maybe something for a future safe mode improvement.
James
---------------------------------------------------------------------------
[2000-09-09 15:01:25] macabre <email protected>
Using: Apache 1.3.12/PHP4 with MySQL support
I have recently discovered a bug in PHP 4 (but not specifically 4) which unveils the fact that any user on the system can crash the machine with a very simple PHP document. They can do this by using the Include() function to include the same document being loaded, causing a serious recursion problem which will quickly max out CPU and memory usage of the web-serving machine, especially if a phpInfo() call is done before the Include().
I am currently working on a patch for this.
Here is the exploitable code:
index.php:
<html lang="en">
<body>
<?php phpInfo(); ?>
<?php Include("./index.php"); ?>
</body>
</html>
---------------------------------------------------------------------------
Full Bug description available at: http://bugs.php.net/?id=6642
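
A userland version of the behaviour requested in this thread (a script cannot include itself), added here as an example; it is not code from the original messages or from PHP itself. `guarded_include` is a hypothetical helper name, PHP 7 or later is assumed, and the self-including file is constructed for the demonstration.

```php
<?php
// Added example: refuse to include a file that is already being included.
// guarded_include() is a hypothetical helper, not a PHP built-in.
function guarded_include(string $path)
{
    // Canonical paths of files whose include is currently in progress.
    static $active = null;
    if ($active === null) {
        // get_included_files() lists the entry script first, so seeding the
        // set with it also blocks the entry script from including itself.
        $files  = get_included_files();
        $active = $files ? [realpath($files[0]) => true] : [];
    }

    // Resolve symlinks and "./" so the same file always maps to one key.
    $real = realpath($path);
    if ($real === false) {
        throw new RuntimeException("include target not found: $path");
    }
    if (isset($active[$real])) {
        throw new LogicException("recursive include refused: $real");
    }

    $active[$real] = true;
    try {
        // Note: the included file runs in this function's variable scope.
        return include $real;
    } finally {
        // Allow the file to be included again once this include has ended.
        unset($active[$real]);
    }
}

// Constructed sample: a file that includes itself, like index.php above.
$tmp = tempnam(sys_get_temp_dir(), 'selfinc');
file_put_contents($tmp, '<?php echo "rendering\n"; guarded_include(__FILE__);');

try {
    guarded_include($tmp);   // the body runs once, the nested include is refused
} catch (LogicException $e) {
    echo $e->getMessage(), "\n";
} finally {
    unlink($tmp);
}
```

The guard only covers includes that go through the helper; a direct `include` of the same file still recurses.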

