Edit report at https://bugs.php.net/bug.php?id=62983&edit=1
ID: 62983
Comment by: jan at lanteraudio dot nl
Reported by: bkfake-php at yahoo dot com
Summary: if user exceeds post_max_size, script may hang on
output
Status: Feedback
Type: Bug
Package: Output Control
Operating System: Windows
PHP Version: 5.4.6
Block user comment: N
Private report: N
New Comment:
Using Apache 2.2 PHP 5.3.5 win xp pro sp3 FF16
Same problem
Very simple script, as soon as uploaded file size exceeds post_max_size script
stops executing, no error message, so no way to inform users they input a too
big file.
Previous Comments:
------------------------------------------------------------------------
[2012-08-31 18:00:48] bkfake-php at yahoo dot com
Apache 2.2
My apologies if I incorrectly categorized this finding under "Output Control"
------------------------------------------------------------------------
[2012-08-31 16:27:02] [email protected]
are you using builtin webserver?
------------------------------------------------------------------------
[2012-08-31 15:13:14] bkfake-php at yahoo dot com
Description:
------------
set post_max_size in php.ini to something relatively small (for easy testing)
say 2M or 3M
upload_max_filesize setting does not matter...
though for practical reasons it should be smaller than post_max_size
if posted data exceeds post_max_size... output seems to be limited to under
24500 - 33000 bytes (a modest amount of html) as soon as that unknown
amount is exceeded, the script "hangs"?
* next statement after the triggering echo (or print or file passthru, etc) is
not executed.
* headers not received by browser,
* max_execution_time not reached
* no errors generated (other than Warning "POST Content-Length of xxxx bytes
exceeds the limit of xxxx bytes in Unknown on line 0,")
firefox just sits spinning "Sending request to localhost..."
IE says waiting for....
Test script:
---------------
<?php
/**
* set post_max_size in php.ini to something relatively small (for easy
testing)
* say 2M or 3M
* upload_max_filesize setting does not matter...
* though for practical reasons it should be smaller than post_max_size
*
* now using this script, upload a file that's over that limit.
*/
if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
/**
* change $output_length to trigger the bug
* on one system I tested, the magic number is 24506.. crashes at
24507
* on another the number is 32742.. crashes at 32743
* what limit am I encountering?
* this number appears to be arbitrary... varying by system and
* I think the scripts memory usage also affects how much may be
returned
* the number seems to remain static to that system..
* but if I change this script, the number may change
* (ie, changing the length of $repeat_str below)
*/
$output_length = 24593; // increase/decrease to
trigger/not-trigger the bug
//
$repeat_str = 'Too much arbitrary output and this script will hang.
Why so?'."\n";
// even changing the length of $repeat_str seems to affect the total
amount that can be output
// perhaps due to change in memory usage?
header('Content-Length: '.$output_length); // adding/removing
headers does not have any effect
$strlen_repeat_str = strlen($repeat_str);
// output $repeat_str until out $strlen_output = $output_length
$strlen_output = 0; // including closing div;
while ( $strlen_output < $output_length )
{
$diff = $output_length - $strlen_output;
if ( $diff >= $strlen_repeat_str )
{
$strlen_output += $strlen_repeat_str;
echo $repeat_str;
}
else
{
$strlen_output += $diff;
echo substr($repeat_str,0,$diff);
}
}
// when we go over $output_length, script seems to hang on echo
statement...
// headers not received by browser,
// max_execution_time not reached
// no errors generated (other than "PHP Warning localhost
POST Content-Length of xxxx bytes exceeds the limit of xxxx bytes in Unknown on
line 0,")
// firefox just sits spinning "Sending request to localhost..."
// IE says waiting for....
}
else
{
echo 'uploading a file with a size over '.ini_get('post_max_size').' =
potential crash';
?>
<form enctype="multipart/form-data" action="" method="post" >
<input type="file" name="file" />
<input type="submit" value="submit me!" />
</form>
<?php
}
?>
Expected result:
----------------
initial file-upload form...
after submitting the response should be the string
"Too much arbitrary output and this script will hang. Why so?" repeated
400+times
Actual result:
--------------
script hangs -> nothing returned
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=62983&edit=1
