ID: 39927
Updated by: [EMAIL PROTECTED]
Reported By: to_devnull at yahoo dot com
-Status: Bogus
+Status: Closed
Bug Type: Apache related
Operating System: all
PHP Version: 5.2.0
New Comment:
Fixed in 5.2, 5.3 and 6 CVS
Previous Comments:
------------------------------------------------------------------------
[2006-12-23 01:26:07] [EMAIL PROTECTED]
I think the answer to that should be pretty obvious. We don't want to
change behaviour of the code with and without register_globals. An app
would have to check the register_globals setting in order to determine
what the variable is called. That's even more confusing than the
current situation where it is simply consistently changed. Once you
realize that server variables may not contain spaces or dots, it is
quite straightforward to write code against that.
In fact, even when register_globals is completely removed, I doubt this
will change since it would break backward compatibility with all
existing apps.
------------------------------------------------------------------------
[2006-12-23 00:58:32] judas dot iscariote at gmail dot com
Ilia:
This behaviour is pretty much broken, why it does not check when
register_globals is disabled and behaves correctly ?
(and maybe drop register_globals in 5.3 or asap will be nice too ;) )
------------------------------------------------------------------------
[2006-12-22 21:58:27] to_devnull at yahoo dot com
This a strange reply ("Read a manual, this is not a bug").
Am I doing anything wrong here? I'm using default php installation and
register_globals is Off in php.ini. Is there a way to configure php not
to touch values in r->subprocess_env?
My point is that php silently breaks Apache behavior by modifying
specific data that is supposed to be read-only.
If Apache allows "force-response-1.0" in its subprocess_env table, why
php changes it? If php wants to modify input var names, it should make a
copy.
I may be totally wrong and miss some important configuration issue. In
this case I'd greatly appreciate if you point me in the right direction.
But canned response is not an answer.
------------------------------------------------------------------------
[2006-12-22 03:34:42] [EMAIL PROTECTED]
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
This is legacy of register_globals, as long as it exists . and
spaces in input var names will be converted to underscores.
------------------------------------------------------------------------
[2006-12-22 00:28:27] to_devnull at yahoo dot com
Description:
------------
I'm "reopening" Bug #13961 since some moron marked it as "bogus" and I
can't comment on it:
http://bugs.php.net/bug.php?id=13961
Apache module mod_setenvif sets variables in
r->subprocess_env. If variable name contains character ".", then
sapi_apache_register_server_variables() will
replace it with "_". This breaks internal
variables like force-response-1.0 (php changes it to
force-response-1_0).
I hit this bug with PHP4.4.3/PHP5 and latest Apache 1.3.37. Spent
several hours tracing in debugger why "downgrade-1.0" becomes
"downgrade-1_0". This is a serious bug -- basically it's impossible to
downgrade client request/server response to HTTP 1.0 (or disable
chunking) if php is involved. What a shame!
Reproduce code:
---------------
I actually traced it by shoving a static string containing '.' in
r->subprocess_env and thus getting Apache to core dump when php tries to
write to read-only memory in php_register_variable_ex().
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39927&edit=1
