ID:               29652
Comment by:       rvs at angara dot ru
Reported By:      yannick at agl dot fr
Status:           Feedback
Bug Type:         OCI8 related
Operating System: Linux Redhat 7.3
PHP Version:      4.3.7
 New Comment:

P.S. I think you can't reproduce this under Linux because the Oracle
Client software design for Linux may be quite different from the
Solaris one.


Previous Comments:
------------------------------------------------------------------------

[2004-09-16 11:42:04] rvs at angara dot ru

Tried your patch, it resolves the problem partially.

In fact, only one bad case remains:
C'. using ocilogon()/ociplogon() with invalid credentials.

I mean if you use ocinlogon() with invalid credentials, all works
because the ENV handle is freed for exclusive session explicitly by your
patch. So I suppose you should free ENV handle explicitly in the case of
a failed connection/invalid logon also.
Then all will work fine, I hope :-)

How about these patches for 4.3.x?

Sergei

------------------------------------------------------------------------

[2004-09-16 07:49:13] [EMAIL PROTECTED]

Please, try this patch:
http://tony2001.phpclub.net/dev/tmp/bug29652.diff.txt
It was done against HEAD, so please use latest snapshot from
http://snaps.php.net

The problem becomes complicated because I still can't reproduce this
under Linux and Apache 1.3.31, no matter with or without the patch.

------------------------------------------------------------------------

[2004-09-15 14:58:08] rvs at angara dot ru

Also note that PHP 5 has similar code for OCIEnvNlsCreate() and frees
environment handle (OCI_HTYPE_ENV) only at shutdown.
So the problem seems to be in PHP 5 also.

Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA

------------------------------------------------------------------------

[2004-09-15 13:59:10] rvs at angara dot ru

I have the same error on php4.3.8/ora9.2.0.1.0/Solaris 9/sparc.

Some details: the .msb file descriptors grow in the following cases:
A. using ocinlogon()
B. using ocilogon() and working as an Apache module
C. using oci*logon() with invalid credentials.

The following code of case "C" may exhaust the file descriptor limit very
easily and quickly.

for ($i=0; $i < 200; $i++)
 @ocilogon($i, $i, $db);

After extensive research I've found that:
1. the .msb file openings occur when OCIEnvNlsCreate() is called.
2. in ext/oci8.c,v 1.183.2.12 line 2257, function _oci_open_session(),
OCIEnvNlsCreate() is invoked when the session is not persistent, not
cached, or is exclusive.
3. if the session setup is unsuccessful, the environment handle is not
freed.
4. the environment handle is freed only when PHP shuts down, see line
613.

The result will be file descriptor and memory leakage in all cases A,B,C
mentioned above. This could lead to a security/DoS problem for websites
which use ocilogon()/ocinlogon() or pass-through Oracle authentication
in their PHP scripts.

Recommendations, workaround:
1. in module mode, avoid using ocilogon(), use ociplogon() instead.
2. avoid using Oracle pass-through authentication (i.e. when username
and password for ociplogon() are given by the website user).
3. fixing oci8.c code to free env handle at least after unsuccessful
logon is necessary.

With regards,
Sergei V. Rozinov
Leading RISC-Systems engineer
JSC Sibron, RUSSIA

------------------------------------------------------------------------
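
The failed-logon leak described in the comment above, and the cleanup its recommendation 3 asks for, as an added example that is not code from the report or from ext/oci8.c. It is a model, not OCI code: every model_* and open_session_* name is hypothetical, and a descriptor opened on /dev/null stands in for the .msb file.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical stand-in for an OCI environment handle: creating one opens a
   descriptor, as the report says OCIEnvNlsCreate() does for .msb files. */
typedef struct { int msg_fd; } model_env;

static model_env *model_env_create(void) {
    model_env *env = malloc(sizeof *env);
    if (!env) return NULL;
    env->msg_fd = open("/dev/null", O_RDONLY);   /* constructed .msb stand-in */
    if (env->msg_fd < 0) { free(env); return NULL; }
    return env;
}
static void model_env_free(model_env *env) { close(env->msg_fd); free(env); }

/* Constructed logon that always fails, like invalid credentials (case C). */
static int model_logon(model_env *env) { (void)env; return -1; }

/* Pattern from the report: a failed logon returns without freeing the env. */
model_env *open_session_leaky(void) {
    model_env *env = model_env_create();
    if (env && model_logon(env) != 0) return NULL;    /* env and its fd leak */
    return env;
}

/* Recommendation 3: free the env handle on the failed-logon path. */
model_env *open_session_fixed(void) {
    model_env *env = model_env_create();
    if (env && model_logon(env) != 0) { model_env_free(env); return NULL; }
    return env;
}

int count_open_fds(void) {        /* descriptors open in the first 1024 slots */
    int n = 0;
    for (int fd = 0; fd < 1024; fd++) n += (fcntl(fd, F_GETFD) != -1);
    return n;
}

/* Descriptors left open after `attempts` failed logons through open_fn. */
int fds_leaked(model_env *(*open_fn)(void), int attempts) {
    int before = count_open_fds();
    for (int i = 0; i < attempts; i++) (void)open_fn();
    return count_open_fds() - before;
}
int main(void) {
    int fixed = fds_leaked(open_session_fixed, 200);
    int leaky = fds_leaked(open_session_leaky, 200);
    printf("fixed leaked %d, leaky leaked %d\n", fixed, leaky);
    return 0;
}
```

------------------------------------------------------------------------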

[2004-08-23 16:19:59] yannick at agl dot fr

oci library: 9.2.0.3

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/29652

-- 
Edit this bug report at http://bugs.php.net/?id=29652&edit=1