There is a bug in fpm_main.c. After accepting a request, it's
initialized and SG(request_info).path_translated must be set. If it's
not set (NULL) nothing is done and the php_execute_script is called
without having php_fopen_primary_script() called. It causes segfault:
1- call several time a non existant page (/noexistent.php)
2- call several time an existant page (/test.php)
3- call a non existant page (/noexistent.php) --> the child handling
this request segfaults
The solution is to return a 404 when SG(request_info).path_translated is NULL.
By the way, it corrects a non desired feature (bug ?) as well. When
calling a non existent value, it returns a 404 with the following
message
<br />
<b>Warning</b>: Unknown: Filename cannot be empty in <b>Unknown</b>
on line <b>0</b><br />
<br />
<b>Fatal error</b>: Unknown: Failed opening required ''
(include_path='.:/usr/local/lib/php') in <b>Unknown</b> on line
<b>0</b><br />
++ Jerome
Index: sapi/fpm/fpm/fpm_main.c
===================================================================
--- sapi/fpm/fpm/fpm_main.c (révision 292212)
+++ sapi/fpm/fpm/fpm_main.c (copie de travail)
@@ -1783,24 +1783,32 @@
return FAILURE;
}
- if (SG(request_info).path_translated) {
- if (php_fopen_primary_script(&file_handle
TSRMLS_CC) == FAILURE) {
- zend_try {
- if (errno == EACCES) {
-
SG(sapi_headers).http_response_code = 403;
- PUTS("Access
denied.\n");
- } else {
-
SG(sapi_headers).http_response_code = 404;
- PUTS("No input file
specified.\n");
- }
- } zend_catch {
- } zend_end_try();
- /* we want to serve more requests if
this is fastcgi
- * so cleanup and continue, request
shutdown is
- * handled later */
+ /* If path_translated is NULL, terminate here with a
404 */
+ if (!SG(request_info).path_translated) {
+ zend_try {
+ SG(sapi_headers).http_response_code =
404;
+ } zend_catch {
+ } zend_end_try();
+ goto fastcgi_request_done;
+ }
- goto fastcgi_request_done;
- }
+ /* path_translated exists, we can continue ! */
+ if (php_fopen_primary_script(&file_handle TSRMLS_CC) ==
FAILURE) {
+ zend_try {
+ if (errno == EACCES) {
+
SG(sapi_headers).http_response_code = 403;
+ PUTS("Access denied.\n");
+ } else {
+
SG(sapi_headers).http_response_code = 404;
+ PUTS("No input file
specified.\n");
+ }
+ } zend_catch {
+ } zend_end_try();
+ /* we want to serve more requests if this is
fastcgi
+ * so cleanup and continue, request shutdown is
+ * handled later */
+
+ goto fastcgi_request_done;
}
fpm_request_executing();
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
