ID: 40419
Comment by: bugs at spuetz dot ath dot cx
Reported By: samuele dot diella at gmail dot com
Status: Open
Bug Type: CGI related
Operating System: Slackware 10.2
PHP Version: 5.2.1
New Comment:
Oh, it isn't, partially.
with patch applied, SCRIPT_FILENAME has still a trailing slash.
On a working system (without the patch, too) a url
/test.php/
results in a SCRIPT_FILENAME => /path/to/test.php
with patch:
SCRIPT_FILENAME => /path/to/test.php/
Previous Comments:
------------------------------------------------------------------------
[2007-05-18 11:29:32] bugs at spuetz dot ath dot cx
I can confirm this for RHES3, 32bit, Apache 2.2.4 and fastcgi with
suexec.
The patch is working.
------------------------------------------------------------------------
[2007-05-15 16:17:12] jankorichter at yahoo dot de
I have created a small patch as a workaround. Should be checked and
approved.
--- sapi/cgi/cgi_main.c.org 2007-04-17 22:00:53.000000000 +0200
+++ sapi/cgi/cgi_main.c 2007-05-15 17:35:39.000000000 +0200
@@ -961,7 +961,14 @@
/* some server configurations allow '..' to slip
through in the
translated path. We'll just refuse to handle such
a path. */
if (script_path_translated &&
!strstr(script_path_translated, "..")) {
- SG(request_info).path_translated =
estrdup(script_path_translated);
+ char * real_path =
tsrm_realpath(script_path_translated, NULL TSRMLS_CC);
+ if ( real_path )
+ {
+ SG(request_info).path_translated =
estrdup(real_path);
+ free(real_path);
+ } else {
+ SG(request_info).path_translated =
estrdup(script_path_translated);
+ }
}
SG(request_info).content_type = (content_type ?
content_type : "" );
SG(request_info).content_length = (content_length ?
atoi(content_length) : 0);
------------------------------------------------------------------------
[2007-02-13 12:24:38] hacker at ee dot ethz dot ch
i can confirm this issue on sarge/amd64 (gcc),
whereas it works just fine on solaris8/sparc (gcc) with the same
extensions enabled and the same php.ini settings.
i am running fastcgi with apache2.0.59.
------------------------------------------------------------------------
[2007-02-09 17:37:50] samuele dot diella at gmail dot com
Description:
------------
In php-5.2.1 compiled as CGI under Apache 1.3.37, when i enter an url
with a trailing slash, with no params after, i get a "No input file
specified.".
If i don't write the slash, or if i write a single character after the
slash, the request is handled correctly.
es.:
http://www.myserver.com/phpinfo.php5 ---> works
http://www.myserver.com/phpinfo.php5/ ---> No input file specified.
http://www.myserver.com/phpinfo.php5/test ---> works
In php-5.2.0, compiled with the same config, the request is handled
correctly.
This is my config line:
./configure --prefix=/usr --with-xsl --sysconfdir=/etc
--enable-discard-path --with-config-file-path=/etc/apache/php5
--enable-safe-mode --with-openssl --with-mhash --enable-bcmath
--with-bz2 --with-pic --enable-calendar --enable-ctype --with-gdbm
--with-db3 --with-imap-ssl=/usr/local/lib/c-client
--with-imap=/usr/local/lib/c-client --enable-dbase --enable-ftp
--with-iconv --with-dom --with-exif --enable-exif --with-gd
--enable-gd-native-ttf --with-freetype-dir=/usr --with-t1lib=/usr
--with-jpeg-dir=/usr --with-png --with-gmp --enable-mbstring
--with-curl=/usr --with-pcre-regex=/usr --with-mysql
--with-mysql-sock=/var/run/mysql --with-mysqli
--with-gettext=shared,/usr --with-expat-dir=/usr --with-xml
--with-tsrm-pthreads --with-mm=/usr --enable-trans-sid --enable-shmop
--enable-sockets --with-regex=php --with-mime-magic --enable-sysvsem
--enable-sysvshm --enable-yp --enable-memory-limit --enable-shared
--disable-debug --with-zlib=/usr --with-mcrypt --with-ttf
--enable-force-cgi-redirect
This is my Apache configuration:
AddType application/x-httpd-php5 .php5
Action application/x-httpd-php5 "/cgi-bin/php5"
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
I tryed many configuration options in php.ini and in configure command,
but i was not able to get it works as before.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=40419&edit=1
