Red Hat Bugzilla – Bug 84642
passthru() causes DoS
Last modified: 2007-03-27 00:00:59 EDT
Description of problem:
PHP's passthru() function in the Red Hat 8 stock PHP/Apache2 is barely functional: if the program it runs returns any significant amount of data, it causes a DoS situation, the server becomes very unresponsive, and the query takes much longer than expected. This could be remotely exploited as a system-wide DoS attack if the user has any script that uses passthru() to return data the user requested from an external command.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a small PHP script with one command:
2. Request the script through the web server. The first time it runs it may run quickly and return the proper output, but subsequent times it will randomly take a very long time to return the output, a seemingly random amount of time between 10 seconds and 10 minutes. While the script is running, the server will be very unresponsive.
Note that /boot/vmlinuz is just an example; any command that returns a significant amount of output (500K+, such as calling ghostscript to generate a PDF/PS file for the user) will cause the condition. Larger outputs seem to cause the response time to scale up at an exponential growth rate.
Actual results:
Extreme slowdown of server.
Expected results:
Almost instant response with data.
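A script of the kind step 1 describes, added here as a constructed example (it is not the reporter's script; the `cat /boot/vmlinuz` command and the 500K figure come from the report, while the file name, the Content-Type header and the buffer handling are assumptions):

```php
<?php
// Constructed example of a one-command passthru() script, not the reporter's.
// The command is fixed in the script; it must never be assembled from request
// input, otherwise the script becomes a command-injection hole rather than a
// reproducer for this buffering problem.
$cmd = 'cat /boot/vmlinuz';   // any command emitting 500K+ of output shows the condition

// Announce the body as raw bytes and drop PHP's own output buffers so each
// chunk is handed to httpd as the child process produces it; the delay the
// report describes then comes from httpd alone, not from PHP buffering.
header('Content-Type: application/octet-stream');
while (ob_get_level() > 0) {
    ob_end_flush();
}

// passthru() copies the command's stdout straight to the response body and
// stores the exit status in its second argument.
passthru($cmd, $status);
if ($status !== 0) {
    // Keep the error server-side; the client has already received partial output.
    error_log("passthru: '$cmd' exited with status $status");
}
```

Requesting this script repeatedly, and timing each response, is enough to tell an affected httpd (responses of 10 seconds to 10 minutes, as reported) from one with the erratum applied (near-instant response); the same check also separates a server that is slow because of the command itself from one that is slow because of output buffering.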
passthru() did get optimized recently upstream, though this sounds like a more serious problem. (http://bugs.php.net/bug.php?id=22308)
This was a problem where httpd would sometimes buffer up dynamic content, and was fixed by the most recent httpd erratum.
Thanks for the report.
*** This bug has been marked as a duplicate of 97111 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.