From: kyle at flaretech dot biz Operating system: Windows Server 2003 PHP version: 4.3.8 PHP Bug Type: CGI related Bug description: Trailing URL Information Crashes Application Pool Using FastCGI
Description: ------------ I'm using IIS 6, PHP 4.3.8, and the latest ISAPI FastCGI binary from http://www.caraveo.com/fastcgi/. It seems that it's possible to soft-crash the application pool serving a website by requesting a URL to a PHP file followed by /somefile.ext. Reproduce code: --------------- Access any existing php file using url http://www.domain.com/file.php/test.htm Expected result: ---------------- PHP should return "No input file specified." Actual result: -------------- Application pool crashes and recycles. If rapid fail protection is enabled and the url is accessed several times consecutively, the application pool will shutdown after reaching the maximum amount of errors. Output from c:\windows\system32\logfiles\httperr 2004-07-22 16:30:32 68.13.155.34 1603 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Abandoned_By_AppPool 2004-07-22 16:30:33 68.13.155.34 1604 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Abandoned_By_AppPool 2004-07-22 16:30:36 68.13.155.34 1609 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Abandoned_By_AppPool 2004-07-22 16:30:38 68.13.155.34 1611 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Abandoned_By_AppPool 2004-07-22 16:30:38 68.13.155.34 1610 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Dropped 2004-07-22 16:30:40 68.13.155.34 1613 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm - 7847 Connection_Abandoned_By_AppPool 2004-07-22 16:30:40 68.13.155.34 1614 69.93.181.90 80 HTTP/1.1 GET /index.php/test.htm 503 7847 AppOffline The following error appears in event log: Event Type: Warning Event Source: W3SVC Event Category: None Event ID: 1009 Date: 7/23/2004 Time: 11:48:46 AM User: N/A Computer: SRV01 Description: A process serving application pool 'DefaultAppPool' terminated unexpectedly. The process id was '4876'. The process exit code was '0x80'. -- Edit bug report at http://bugs.php.net/?id=29356&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=29356&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=29356&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=29356&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=29356&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=29356&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=29356&r=needscript Try newer version: http://bugs.php.net/fix.php?id=29356&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=29356&r=support Expected behavior: http://bugs.php.net/fix.php?id=29356&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=29356&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=29356&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=29356&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=29356&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=29356&r=dst IIS Stability: http://bugs.php.net/fix.php?id=29356&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=29356&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=29356&r=float
