[php-maint] Bug#799851: Bug#799851: libapache2-mod-php5filter: HTTP_RAW_POST_DATA mangled when bin data is sent in HTTP POST request

Ondřej Surý ondrej at sury.org
Thu Sep 24 07:36:37 UTC 2015 

Hi Ludovic,

I cannot offer better advice than use libapache2-mod-php5. Is there any
particular reason why are you using apache2filter SAPI? In my
experience, the apache2filter SAPI got neglected a bit and it was
removed from PHP 7.0.0.

Cheers,
Ondrej

On Wed, Sep 23, 2015, at 11:42, Ludovic Pouzenc wrote:
> Package: libapache2-mod-php5filter
> Version: 5.6.13+dfsg-0+deb8u1
> Severity: important
> 
> Dear Maintainer,
> 
> When using Fusion Inventory plugin over GLPI 0.84 (from debian repo), we
> have hit a bug. It happens when the agent tries to send a huge (30k) XML
> chunk, xlib compressed over HTTP POST.
> 
> The PHP code in Fusion Inventory uses $HTTP_RAW_POST_DATA. We have found
> that the binary blob in the POST is around 13kB but the PHP var contains
> way less data, like 120 bytes or 1.5 kB in other situations.
> 
> Tried php://input : same size as in $HTTP_RAW_POST_DATA.
> 
> In apache2 log, shitty things happens :
> 172.16.2.120 - - [23/Sep/2015:10:50:40 +0200] "POST 
> /glpi/plugins/fusioninventory/ HTTP/1.1" 200 0 "-" 
> "FusionInventory-Agent_v2.3.16"
> 172.16.2.120 - - [23/Sep/2015:10:50:40 +0200] 
> "\x9cv\xdej\xc0\xe3e\xc2H\xc5\x99\x0e" 400 0 "-" "-"
> 
> With Wireshark, we have found that on the HTTP connection, there is 2
> replies on the Fusion Inventory single request (an HTTP/200 from PHP, a
> HTTP 400 from apache).
> 
> Everything starts to work normally when replacing
> libapache2-mod-php5filter with libapache2-mod-php5.
> 
> The expected behavior is to have $HTTP_RAW_POST_DATA or php://input
> reflecting the whole binary data sent over the wire.
> 
> You could check in atttachement the tcp tchat between fusion Inventory
> agent and theh GLPI server. Taken from Wireshark / follow TCP stream /
> Save as... The agent talks first with HTTP POSTING a "big" blob, then
> server replies HTTP/1.1 200 OK with another zlib compressed blob and
> a second reply (without any request from the agent) is sent by apache
> (HTTP 400).
> 
> 
> -- Package-specific info:
> ==== Additional PHP 5 information ====
> 
> ++++ PHP 5 SAPI (php5query -S): ++++
> cli
> apache2filter
> 
> ++++ PHP 5 Extensions (php5query -M -v): ++++
> opcache (Enabled for cli by maintainer script)
> opcache (Enabled for apache2filter by maintainer script)
> json (Enabled for cli by maintainer script)
> json (Enabled for apache2filter by maintainer script)
> readline (Enabled for cli by maintainer script)
> readline (Enabled for apache2filter by maintainer script)
> pdo (Enabled for cli by maintainer script)
> pdo (Enabled for apache2filter by maintainer script)
> 
> ++++ Configuration files: ++++
> [PHP]
> engine = On
> short_open_tag = Off
> asp_tags = Off
> precision = 14
> output_buffering = 4096
> zlib.output_compression = Off
> implicit_flush = Off
> unserialize_callback_func =
> serialize_precision = 17
> disable_functions = 
> pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
> disable_classes =
> zend.enable_gc = On
> expose_php = Off
> max_execution_time = 30
> max_input_time = 60
> memory_limit = 128M
> error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
> display_errors = Off
> display_startup_errors = Off
> log_errors = On
> log_errors_max_len = 1024
> ignore_repeated_errors = Off
> ignore_repeated_source = Off
> report_memleaks = On
> track_errors = Off
> html_errors = On
> variables_order = "GPCS"
> request_order = "GP"
> register_argc_argv = Off
> auto_globals_jit = On
> post_max_size = 8M
> auto_prepend_file =
> auto_append_file =
> default_mimetype = "text/html"
> default_charset = "UTF-8"
> doc_root =
> user_dir =
> enable_dl = Off
> file_uploads = On
> upload_max_filesize = 2M
> max_file_uploads = 20
> allow_url_fopen = On
> allow_url_include = Off
> default_socket_timeout = 60
> [CLI Server]
> cli_server.color = On
> [Date]
> [filter]
> [iconv]
> [intl]
> [sqlite]
> [sqlite3]
> [Pcre]
> [Pdo]
> [Pdo_mysql]
> pdo_mysql.cache_size = 2000
> pdo_mysql.default_socket=
> [Phar]
> [mail function]
> SMTP = localhost
> smtp_port = 25
> mail.add_x_header = On
> [SQL]
> sql.safe_mode = Off
> [ODBC]
> odbc.allow_persistent = On
> odbc.check_persistent = On
> odbc.max_persistent = -1
> odbc.max_links = -1
> odbc.defaultlrl = 4096
> odbc.defaultbinmode = 1
> [Interbase]
> ibase.allow_persistent = 1
> ibase.max_persistent = -1
> ibase.max_links = -1
> ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
> ibase.dateformat = "%Y-%m-%d"
> ibase.timeformat = "%H:%M:%S"
> [MySQL]
> mysql.allow_local_infile = On
> mysql.allow_persistent = On
> mysql.cache_size = 2000
> mysql.max_persistent = -1
> mysql.max_links = -1
> mysql.default_port =
> mysql.default_socket =
> mysql.default_host =
> mysql.default_user =
> mysql.default_password =
> mysql.connect_timeout = 60
> mysql.trace_mode = Off
> [MySQLi]
> mysqli.max_persistent = -1
> mysqli.allow_persistent = On
> mysqli.max_links = -1
> mysqli.cache_size = 2000
> mysqli.default_port = 3306
> mysqli.default_socket =
> mysqli.default_host =
> mysqli.default_user =
> mysqli.default_pw =
> mysqli.reconnect = Off
> [mysqlnd]
> mysqlnd.collect_statistics = On
> mysqlnd.collect_memory_statistics = Off
> [OCI8]
> [PostgreSQL]
> pgsql.allow_persistent = On
> pgsql.auto_reset_persistent = Off
> pgsql.max_persistent = -1
> pgsql.max_links = -1
> pgsql.ignore_notice = 0
> pgsql.log_notice = 0
> [Sybase-CT]
> sybct.allow_persistent = On
> sybct.max_persistent = -1
> sybct.max_links = -1
> sybct.min_server_severity = 10
> sybct.min_client_severity = 10
> [bcmath]
> bcmath.scale = 0
> [browscap]
> [Session]
> session.save_handler = files
> session.use_strict_mode = 0
> session.use_cookies = 1
> session.use_only_cookies = 1
> session.name = PHPSESSID
> session.auto_start = 0
> session.cookie_lifetime = 0
> session.cookie_path = /
> session.cookie_domain =
> session.cookie_httponly =
> session.serialize_handler = php
> session.gc_probability = 0
> session.gc_divisor = 1000
> session.gc_maxlifetime = 1440
> session.referer_check =
> session.cache_limiter = nocache
> session.cache_expire = 180
> session.use_trans_sid = 0
> session.hash_function = 0
> session.hash_bits_per_character = 5
> url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
> [MSSQL]
> mssql.allow_persistent = On
> mssql.max_persistent = -1
> mssql.max_links = -1
> mssql.min_error_severity = 10
> mssql.min_message_severity = 10
> mssql.compatibility_mode = Off
> mssql.secure_connection = Off
> [Assertion]
> [COM]
> [mbstring]
> [gd]
> [exif]
> [Tidy]
> tidy.clean_output = Off
> [soap]
> soap.wsdl_cache_enabled=1
> soap.wsdl_cache_dir="/tmp"
> soap.wsdl_cache_ttl=86400
> soap.wsdl_cache_limit = 5
> [sysvshm]
> [ldap]
> ldap.max_links = -1
> [mcrypt]
> [dba]
> [opcache]
> [curl]
> [openssl]
> 
> **** /etc/php5/apache2filter/conf.d/20-json.ini ****
> extension=json.so
> 
> **** /etc/php5/apache2filter/conf.d/05-opcache.ini ****
> zend_extension=opcache.so
> 
> **** /etc/php5/apache2filter/conf.d/20-readline.ini ****
> extension=readline.so
> 
> **** /etc/php5/apache2filter/conf.d/10-pdo.ini ****
> extension=pdo.so
> 
> 
> -- System Information:
> Debian Release: 8.0
>    APT prefers stable-updates
>    APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
> Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages libapache2-mod-php5filter depends on:
> ii  apache2                             2.4.10-10+deb8u3
> ii  apache2-bin [apache2-api-20120211]  2.4.10-10+deb8u3
> ii  libbz2-1.0                          1.0.6-7+b3
> ii  libc6                               2.19-18
> ii  libcomerr2                          1.42.12-1.1
> ii  libdb5.3                            5.3.28-9
> ii  libgssapi-krb5-2                    1.12.1+dfsg-19
> ii  libk5crypto3                        1.12.1+dfsg-19
> ii  libkrb5-3                           1.12.1+dfsg-19
> ii  libmagic1                           1:5.22+15-2
> ii  libonig2                            5.9.5-3.2
> ii  libpcre3                            2:8.35-3.3
> ii  libqdbm14                           1.8.78-5+b1
> ii  libssl1.0.0                         1.0.1k-3
> ii  libxml2                             2.9.1+dfsg1-5
> ii  mime-support                        3.58
> ii  php5-cli                            5.6.13+dfsg-0+deb8u1
> ii  php5-common                         5.6.13+dfsg-0+deb8u1
> ii  php5-json                           1.3.6-1
> ii  tzdata                              2015d-0+deb8u1
> ii  ucf                                 3.0030
> ii  zlib1g                              1:1.2.8.dfsg-2+b1
> 
> libapache2-mod-php5filter recommends no packages.
> 
> Versions of packages libapache2-mod-php5filter suggests:
> pn  php-pear  <none>
> 
> Versions of packages php5-common depends on:
> ii  libc6   2.19-18
> ii  lsof    4.86+dfsg-1
> ii  psmisc  22.21-2
> ii  sed     4.2.2-4+b1
> ii  ucf     3.0030
> 
> Versions of packages php5-common suggests:
> pn  php5-user-cache  <none>
> 
> -- no debconf information
> 
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint
> Email had 1 attachment:
> + tcp-stream.dat
>   19k (text/plain)


-- 
Ondřej Surý <ondrej at sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server

More information about the pkg-php-maint mailing list