Edit report at https://bugs.php.net/bug.php?id=41561&edit=1
ID: 41561
Comment by: axelfolder at bk dot ru
Reported by: samy-delux at gmx dot de
Summary: Values set with php_admin_* in httpd.conf can be
overwritten with ini_set()
Status: Closed
Type: Bug
Package: PHP options/info functions
Operating System: Ubuntu Linux
PHP Version: 5.2.3
Assigned To: tony2001
Block user comment: N
Private report: N
New Comment:
Ðдмин ÐÐÐТ!!!!!!!!!!!!!!!! Рома а ÑÑ Ð½ÐµÐ²ÐµÑил мне
блÑдÑ)))!
Previous Comments:
------------------------------------------------------------------------
[2007-09-07 09:39:52] j...@php.net
To theta...@php.net: This is now fixed in CVS. (there was no thread issue at
all, AFAICT..)
------------------------------------------------------------------------
[2007-08-31 07:55:01] j...@php.net
Patch re-applied, it's not the one causing above problems.
thetaphi: Open separate report about this.
------------------------------------------------------------------------
[2007-08-03 13:28:57] theta...@php.net
I suppose there is something special with error reporting that corrupts it. It
seems that it does not like it to be changed to ZEND_INI_SYSTEM because the
@operator tries to change the value (e.g. in zend_vm_execute.h), which fails
silently:
static int ZEND_BEGIN_SILENCE_SPEC_HANDLER(ZEND_OPCODE_HANDLER_ARGS)
{
zend_op *opline = EX(opline);
Z_LVAL(EX_T(opline->result.u.var).tmp_var) = EG(error_reporting);
Z_TYPE(EX_T(opline->result.u.var).tmp_var) = IS_LONG; /* shouldn't be
necessary */
if (EX(old_error_reporting) == NULL) {
EX(old_error_reporting) = &EX_T(opline->result.u.var).tmp_var;
}
if (EG(error_reporting)) {
zend_alter_ini_entry("error_reporting",
sizeof("error_reporting"), "0", 1, ZEND_INI_USER, ZEND_INI_STAGE_RUNTIME);
}
ZEND_VM_NEXT_OPCODE();
}
=> When error_reporting was overwritten with ADMIN privileges it cannot be
changed anymore by the @ operator :)
For my first idea where this bug comes from: You should move
if (stage == ZEND_INI_STAGE_ACTIVATE && modify_type == ZEND_INI_SYSTEM) {
ini_entry->modifiable = ZEND_INI_SYSTEM;
}
Behind the if-clause: "if (!modified) {..." to only modify the thread local
ini-entry!
------------------------------------------------------------------------
[2007-08-03 12:53:16] theta...@php.net
The patch corrupts overwriting of ini entries in multithreaded webserver SJSWS
(formerly iplanet/SunONE).
It seems that the INI entry is modified in a way that corrupts its further
usage. I would suggest to change this patch that the modify_type in
ini_entry->modifiable = ZEND_INI_SYSTEM should only be set in the replicated
"modified" ini entry that is only available to the current request. Changing it
in the global ini table corrupts it and stops further threads from modifying it
(where no php_admin value is used and it should be overwriteable!)...
see discussion on intern...@lists.php.net
------------------------------------------------------------------------
[2007-06-08 14:48:41] tony2...@php.net
This bug has been fixed in CVS.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
Thank you for the report, and for helping us make PHP better.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=41561
--
Edit this bug report at https://bugs.php.net/bug.php?id=41561&edit=1
