diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2018-06-12 20:34:01 +0200 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2018-06-20 12:28:15 +0200 |
| commit | 69dee5c732fe982c82edb17d0dbc3e79a47748d8 (patch) | |
| tree | a1a5e861262f4069cfa4a24166ff5174fd94a066 | |
| parent | 5dd1ef90caec3021e6ce55c8554e695edf641eaf (diff) | |
| download | php-git-69dee5c732fe982c82edb17d0dbc3e79a47748d8.tar.gz | |
Fixed bug #73342
Directly listen on socket, instead of duping it to STDIN and
listening on that.
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_children.c | 1 | ||||
| -rw-r--r-- | sapi/fpm/fpm/fpm_stdio.c | 6 | ||||
| -rw-r--r-- | sapi/fpm/tests/bug73342-nonblocking-stdio.phpt | 46 |
4 files changed, 51 insertions, 6 deletions
@@ -5,6 +5,10 @@ PHP NEWS - Date: . Fixed bug #76462 (Undefined property: DateInterval::$f). (Anatol) +- FPM: + . Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to + non-blocking). (Nikita) + 22 Jun 2019, PHP 7.1.19 - CLI Server: diff --git a/sapi/fpm/fpm/fpm_children.c b/sapi/fpm/fpm/fpm_children.c index b48fa54f53..4ee316ba1b 100644 --- a/sapi/fpm/fpm/fpm_children.c +++ b/sapi/fpm/fpm/fpm_children.c @@ -146,6 +146,7 @@ static struct fpm_child_s *fpm_child_find(pid_t pid) /* {{{ */ static void fpm_child_init(struct fpm_worker_pool_s *wp) /* {{{ */ { fpm_globals.max_requests = wp->config->pm_max_requests; + fpm_globals.listening_socket = dup(wp->listening_socket); if (0 > fpm_stdio_init_child(wp) || 0 > fpm_log_init_child(wp) || diff --git a/sapi/fpm/fpm/fpm_stdio.c b/sapi/fpm/fpm/fpm_stdio.c index 40720176e1..76e8b324df 100644 --- a/sapi/fpm/fpm/fpm_stdio.c +++ b/sapi/fpm/fpm/fpm_stdio.c @@ -103,12 +103,6 @@ int fpm_stdio_init_child(struct fpm_worker_pool_s *wp) /* {{{ */ fpm_globals.error_log_fd = -1; zlog_set_fd(-1); - if (wp->listening_socket != STDIN_FILENO) { - if (0 > dup2(wp->listening_socket, STDIN_FILENO)) { - zlog(ZLOG_SYSERROR, "failed to init child stdio: dup2()"); - return -1; - } - } return 0; } /* }}} */ diff --git a/sapi/fpm/tests/bug73342-nonblocking-stdio.phpt b/sapi/fpm/tests/bug73342-nonblocking-stdio.phpt new file mode 100644 index 0000000000..3cf44d11ff --- /dev/null +++ b/sapi/fpm/tests/bug73342-nonblocking-stdio.phpt @@ -0,0 +1,46 @@ +--TEST-- +FPM: bug73342 - Non-blocking stdin +--SKIPIF-- +<?php include "skipif.inc"; ?> +--FILE-- +<?php + +require_once "tester.inc"; + +$cfg = <<<EOT +[global] +error_log = {{FILE:LOG}} +[unconfined] +listen = {{ADDR}} +pm = dynamic +pm.max_children = 5 +pm.start_servers = 1 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +EOT; + +$code = <<<EOT +<?php +echo "Before\n"; +stream_set_blocking(fopen('php://stdin', 'r'), false); +echo "After\n"; +EOT; + +$tester = new FPM\Tester($cfg, $code); +$tester->start(); +$tester->expectLogStartNotices(); +$tester->request()->expectBody("Before\nAfter"); +$tester->request()->expectBody("Before\nAfter"); +$tester->terminate(); +$tester->expectLogTerminatingNotices(); +$tester->close(); + +?> +Done +--EXPECT-- +Done +--CLEAN-- +<?php +require_once "tester.inc"; +FPM\Tester::clean(); +?> |