ID:               13961
 Comment by:       daniele at orlandi dot com
 Reported By:      lampa at fee dot vutbr dot cz
 Status:           Bogus
 Bug Type:         Apache related
 Operating System: any
 PHP Version:      4CVS, 5CVS
 Assigned To:      derick
 New Comment:

It still isn't fixed in PHP 4.3.5, php still corrupts apache's
environment and here's the proof:



--------------- httpd.conf
....
BrowserMatch "a" downgrade-1.0 force-response-1.0 nokeepalive
....

--------------- a.html
<html>
<body>
</body>
</html>

--------------- a.php
<?
 echo "ciao";
?>

------------------------------------
GET /a.html HTTP/1.1
Host: stef.uli.it
Connection: close
User-Agent: a

HTTP/1.0 200 OK
Date: Wed, 31 Mar 2004 17:35:57 GMT
Server: Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7b PHP/4.3.5
Last-Modified: Wed, 31 Mar 2004 17:35:43 GMT
ETag: "522e8-1e-c69ff9c0"
Accept-Ranges: bytes
Content-Length: 30
Connection: close
Content-Type: text/html

<html>
<body>
</body>
</html>
Connection closed by foreign host.
---------------------------------------
GET /a.php HTTP/1.1
Host: stef.uli.it
Connection: close
User-Agent: a

HTTP/1.1 200 OK
Date: Wed, 31 Mar 2004 17:34:57 GMT
Server: Apache/2.0.49 (Unix) mod_ssl/2.0.49 OpenSSL/0.9.7b PHP/4.3.5
X-Powered-By: PHP/4.3.5
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

4
ciao
0

Connection closed by foreign host.
----------------------



As you see, the PHP response discards force-response-1.0 and still
responds with HTTP/1.1.



My Cisco 7960 IP phones have a broken HTTP/1.1 client and aren't able to
cope with chunked transfer encoding, and I'm not able to make it work.


Previous Comments:
------------------------------------------------------------------------

[2003-11-18 19:52:08] [EMAIL PROTECTED]

This is in fact fixed: php_register_variable() is actually a wrapper
around php_register_variable_safe() which always makes a copy of the
original before passing it to php_register_variable_ex().

------------------------------------------------------------------------

[2003-11-14 07:06:13] lampa at fee dot vutbr dot cz

Still not fixed in 4.3.4

------------------------------------------------------------------------

[2003-11-11 18:15:11] daniele at orlandi dot com

This bug is still present in php 4.3.4 and may be harmful since all the
BrowserMatch functionality to work around browser bugs in Apache is
essentially disabled.

As a proof of concept I patched sapi/apache2handler/sapi_apache2.c
(apache2filter is probably affected too) and the problem went away.

Note that the patch may not be perfect as I don't know how Apache and
PHP work internally very well.



--- php-4.3.4/sapi/apache2handler/sapi_apache2.c        2003-10-02
05:24:43.000000000 +0200

+++ php-4.3.4-patched/sapi/apache2handler/sapi_apache2.c       
2003-11-11 23:52:06.000000000 +0100

@@ -227,9 +227,14 @@

        char *key, *val;

        zval **path_translated_zv;

  

+       char *t;

+

        APR_ARRAY_FOREACH_OPEN(arr, key, val)

                if (!val) val = empty_string;

-               php_register_variable(key, val, track_vars_array
TSRMLS_CC);

+

+               t = estrndup(key, strlen(key));

+               php_register_variable(t, val, track_vars_array
TSRMLS_CC);

+               efree(t);

        APR_ARRAY_FOREACH_CLOSE()
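
Review bot: on the added line `t = estrndup(key, strlen(key));` the length argument is simply the whole string, so `estrdup(key)`, as used in the 2001 comment's loop, expresses the same copy more directly. The copy also needs a one-line comment saying it exists so that php_register_variable() cannot modify the key held in Apache's table; without it the estrndup/efree pair looks redundant and is likely to be removed in a later cleanup. The message says apache2filter is probably affected too, so the same loop there should be checked before this is considered complete.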

------------------------------------------------------------------------

[2001-12-11 09:57:36] lampa at fee dot vutbr dot cz

Not fixed in 4.1.0. Why? To be clear, one call is necessary:

for (i = 0; i < arr->nelts; i++) {
        char *val, *key;

        if (elts[i].val) {
                val = elts[i].val;
        } else {
                val = empty_string;
        }
        key = estrdup(elts[i].key); /* HERE */
        php_register_variable(key, val, track_vars_array ELS_CC PLS_CC);
}



------------------------------------------------------------------------

[2001-11-07 04:33:03] [EMAIL PROTECTED]

This is not okay, PHP should not change the original key here.

Checking it out.

------------------------------------------------------------------------

The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
    http://bugs.php.net/13961

-- 
Edit this bug report at http://bugs.php.net/?id=13961&edit=1
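
The failure this thread describes, as an added C sketch that is not PHP or Apache source and not code from any commenter: a registration step that rewrites a variable name in the buffer it is handed will change a key that the server's environment table still owns, unless it is given a copy. The table layout and the names `register_variable`, `export_env`, `env_has` and `flag_survives` are hypothetical; the rewrite of `.` and space to `_` models PHP's variable-name normalisation.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for one entry of the server's per-request env table. */
struct env_entry { char key[32]; const char *val; };

/* Hypothetical registration step: normalises the name IN PLACE, turning
 * '.' and ' ' into '_' in whatever buffer the caller passes. */
static void register_variable(char *name) {
    for (char *p = name; *p; p++)
        if (*p == '.' || *p == ' ') *p = '_';
}

/* Returns 1 if the table still holds `key` (the lookup a server would do
 * later, when it decides how to format the response). */
static int env_has(const struct env_entry *env, size_t n, const char *key) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(env[i].key, key) == 0) return 1;
    return 0;
}

/* Export every entry. copy_keys == 0 hands over the table's own buffer;
 * copy_keys == 1 hands over a private copy and frees it afterwards. */
static void export_env(struct env_entry *env, size_t n, int copy_keys) {
    for (size_t i = 0; i < n; i++) {
        if (!copy_keys) { register_variable(env[i].key); continue; }
        size_t len = strlen(env[i].key) + 1;
        char *t = malloc(len);
        if (!t) abort();
        memcpy(t, env[i].key, len);
        register_variable(t);
        free(t);
    }
}

/* One simulated request using the BrowserMatch flags from the report;
 * returns 1 if force-response-1.0 is still present after the export. */
int flag_survives(int copy_keys) {
    struct env_entry env[] = {
        { "downgrade-1.0", "1" }, { "force-response-1.0", "1" }, { "nokeepalive", "1" },
    };
    export_env(env, 3, copy_keys);
    return env_has(env, 3, "force-response-1.0");
}

int main(void) {
    printf("shared key buffer: flag survives = %d\n", flag_survives(0));
    printf("copied key:        flag survives = %d\n", flag_survives(1));
    return 0;
}
```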
