From: zbuckholz at hotmail dot com Operating system: Linux RedHat 9 PHP version: 5.0.0 PHP Bug Type: Reproducible crash Bug description: Possibly DOS exploit using get_headers function
Description: ------------ Short example below will cause complete exhaustion. Seems to cause loop of some sort. <?php $server_name = ("http://" . $_SERVER['SERVER_NAME']); print_r(get_headers($server_name,true)); ?> from apache error log [Sat Jul 24 22:21:15 2004] [error] server reached MaxClients setting, consider raising the MaxClients setting Reproduce code: --------------- <?php $server_name = ("http://" . $_SERVER['SERVER_NAME']); print_r(get_headers($server_name)); ?> Expected result: ---------------- I expect to see what the documentation says I should see. But in the example code the $url is being provided to the get_headers function as a predefined string. Actual result: -------------- [Sat Jul 24 22:21:15 2004] [error] server reached MaxClients setting, consider raising the MaxClients setting -- Edit bug report at http://bugs.php.net/?id=29373&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=29373&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=29373&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=29373&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=29373&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=29373&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=29373&r=needscript Try newer version: http://bugs.php.net/fix.php?id=29373&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=29373&r=support Expected behavior: http://bugs.php.net/fix.php?id=29373&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=29373&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=29373&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=29373&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29373&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=29373&r=dst IIS Stability: http://bugs.php.net/fix.php?id=29373&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=29373&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=29373&r=float