ID: 37560 Comment by: soussey at network54 dot com Reported By: tsr2600 at gmail dot com Status: Assigned Bug Type: MySQLi related Operating System: FreeBSD 6.1 PHP Version: 5.1.4 Assigned To: georg New Comment:
I can confirm this. It also happens under FastCGI. If a page can be found that produces an error, an attacker can use this repeatedly to shut down an entire site. The attack need only be a person and a browser and need not to continue in order to DOS and bring down a site. Previous Comments: ------------------------------------------------------------------------ [2006-05-23 11:42:53] tsr2600 at gmail dot com Description: ------------ When a MySQLi resource is created, a fatal error or exception (possibly others) will result in the script terminating but MySQL's SHOW PROCESSLIST; will report a "Reading from net" state indefinitely for as many connections as were created before script termination. These connections will be accumulated until MySQL fails with too many connections. This only occurs when PHP is running as an Apache module, it does not occur when PHP is running from the command line. Also, this does not occur with the MySQL PHP functions, only MySQLi. I have tested this on: FreeBSD 6.1, PHP 5.1.4, Apache 2.0.58, MySQL 4.0.19 Gentoo, PHP 5.1.4, Apache 2.2.0, MySQL 4.0.19 Reproduce code: --------------- <?php $dbh = mysqli_connect($any, $valid, $params, $work); some_undefined_function_resulting_in_error(); ?> Expected result: ---------------- A fatal error, telling me that I made a call to an undefined function. I expect no residual MySQLi connections. Actual result: -------------- A fatal error, telling me that I made a call to an undefined function. However, I still have a residual MySQLi connection, as reported by MySQL's SHOW PROCESSLIST; ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=37560&edit=1