https://bz.apache.org/bugzilla/show_bug.cgi?id=58517
Bug ID: 58517
Summary: Apache fills up the memory with a buffer when it tries to run this PHP code that does not have any kind of loops!
Product: Apache httpd-2
Version: 2.2.0
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_session
Assignee: [email protected]
Reporter: [email protected]
Apache just fills the memory with a buffer and sessions when this PHP code gets
executed.
I couldn't tell what exactly the reason is, but when the code gets executed by
only one request, Apache just fills itself up and the server goes down.
The PHP PoC:
""""""""""
<?php
function p404curl($url){
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_USERAGENT, "Chrome/36.0.1985.125");
    return curl_exec($ch);
}
if (strtolower(substr(PHP_OS,0,3))=="win")
    $sys='win';
else
    $sys='unix';
$me = basename(__FILE__ );
$uul = $_SERVER['PHP_SELF'];
$rew = md5(time());
$uul = str_replace($_SERVER['REQUEST_URI'],$rew,$uul);
$uul= 'http://'.$_SERVER['HTTP_HOST'].$uul;
$uul1 = $_SERVER['REQUEST_URI'];
$uul = str_replace($rew,$_SERVER['REQUEST_URI'],$uul);
$d404 = 'e';
if ($sys == 'win'){
    if (!isset($_SESSION['hidden']) || !file_exists('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1))){
        $p404 = p404curl($uul) or $d404;
        file_put_contents("C:\\Users\\Default\\AppData\\Local\\Temp\\".md5($uul1),$p404);
        $_SESSION['hidden'] = md5($uul1);
    }else{
        $p404 = file_get_contents('C:\\Users\\Default\\AppData\\Local\\Temp\\'.md5($uul1));
    }
}else{
    if (!isset($_SESSION['hidden']) || !file_exists('/tmp/'.md5($uul1))){
        $p404 = p404curl($uul) or $d404;
        file_put_contents('/tmp/'.md5($uul1),$p404);
        $_SESSION['hidden'] = md5($uul1);
    }else{
        $p404 = file_get_contents('/tmp/'.md5($uul1));
    }
}
echo $p404;
die();
""""""""""
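Editor's added example, not part of the report and not Apache or PHP project code: in the PoC the URL built in `$uul` resolves to the script's own address, `session_start()` is never called so the `$_SESSION['hidden']` check never passes, and cURL runs with no timeout, so each request issues another request to the same script. The sketch below shows the same self-fetch with a recursion guard and hard limits; the header name `X-Self-Fetch` and the function names are hypothetical.

```php
<?php
// Added example: a self-fetch with a recursion guard and bounded cURL limits.
// GUARD_HEADER, is_nested_fetch() and guarded_fetch() are hypothetical names.
const GUARD_HEADER     = 'X-Self-Fetch';       // marker sent on outbound fetches
const GUARD_SERVER_KEY = 'HTTP_X_SELF_FETCH';  // how PHP exposes that header

// True when this request was issued by the script's own cURL call.
function is_nested_fetch(array $server): bool {
    return isset($server[GUARD_SERVER_KEY]);
}

// Fetch a URL, tagging the request so the receiving script can refuse to
// recurse, and bounding time and redirects so a worker is never held forever.
function guarded_fetch(string $url) {
    $ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL            => $url,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_MAXREDIRS      => 3,   // the PoC sets no redirect limit
        CURLOPT_CONNECTTIMEOUT => 2,   // seconds
        CURLOPT_TIMEOUT        => 5,   // the PoC leaves this at 0 (no timeout)
        CURLOPT_HTTPHEADER     => [GUARD_HEADER . ': 1'],
    ]);
    return curl_exec($ch);             // false on failure or timeout
}

// Break the chain at depth 1: a request carrying the marker never fetches.
if (is_nested_fetch($_SERVER)) {
    http_response_code(508);           // Loop Detected
    exit('nested fetch refused');
}

// Same target the PoC ends up requesting. HTTP_HOST is client-supplied and is
// used here only to mirror the PoC.
$self = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$body = guarded_fetch($self);
echo $body === false ? 'e' : $body;
```

A client can send the marker header itself, but that only makes the script refuse to fetch, so the guard fails closed.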