Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v4.8.2 仍复现 bug #4475 :协程风格的 HTTP 服务器解析 Content-Type 为 application/x-www-form-urlencoded 的 POST 参数不符合预期 #4519

Closed
xutg opened this issue Dec 2, 2021 · 4 comments
Closed

v4.8.2 仍复现 bug #4475 :协程风格的 HTTP 服务器解析 Content-Type 为 application/x-www-form-urlencoded 的 POST 参数不符合预期 #4519

xutg opened this issue Dec 2, 2021 · 4 comments
Labels
bug fixed

Comments

@xutg
Copy link

xutg commented Dec 2, 2021
edited by matyhtf
Loading

Please answer these questions before submitting your issue. Thanks!

  1. What did you do? If possible, provide a simple script for reproducing the error.
    经过验证 v4.8.2 仍复现 bug 协程风格的 HTTP 服务器解析 Content-Type 为 application/x-www-form-urlencoded 的 POST 参数不符合预期 #4475

客户端代码

$post_args = [
    // 注:如果参数值是纯英文是不复现的,只有大量的包含某些中文字符才能复现
    'test' => str_repeat('你好', 10000),
];
$post_body = http_build_query($post_args);

$context_options = [
    'http' => [
        'method' => 'POST',
        'header'=> 'Content-type: application/x-www-form-urlencoded' . "\r\n"
                 . 'Content-Length: ' . strlen($post_body) . "\r\n",
        'content' => $post_body,
    ],
];
$context = stream_context_create($context_options);

$fp = fopen('http://127.0.0.1:9501/api', 'r', false, $context);
fpassthru($fp);
fclose($fp);

正常的服务端代码
test_s_ok.php

$post_info = [];
foreach ($_POST as $k => $v) {
    $post_info[$k] = strlen($v);
}
var_dump($post_info);
echo 'OK';

异常的服务端代码
test_s_bug.php

use Swoole\Coroutine\Http\Server;
use function Swoole\Coroutine\run;

run(function () {
    $server = new Server('0.0.0.0', 9501, false);
    $server->handle('/api', function ($request, $response) {
        $post_args = $request->post ?: [];

        $post_info = [];
        foreach ($post_args as $k => $v) {
            $post_info[$k] = strlen(@strval($v));
        }
        var_dump($post_info);

        $response->end('OK');
    });

    $server->start();
});
  1. What did you expect to see?
    php -S 127.0.0.1:9501 test_s_ok.php

解析 POST 参数正常

array(1) {
  ["test"]=>
  int(60000)
}
OK
  1. What did you see instead?
    php test_s_bug.php

解析 POST 参数异常

array(10) {
  ["test"]=>
  int(27586)
  ["empty($json"]=>
  int(5)
  ["!interface_exists($json"]=>
  int(5)
  ["!interface_exists($className))_{
________________return_self::json("{$className}_not_exists",_4004);
____________}
____________if_(!method_exists($className,_$functionName))_{
________________return_self::json("{$className}->{$functionName}_not_exists",_4004);
____________}
____________$ref_"]=>
  int(1390)
  ["!$param->isVariadic())_{
________________if_(!$result"]=>
  int(5)
  ["PHP_VERSION_ID_<_80000)_{
____________________continue;
________________}
________________$optional_"]=>
  int(827)
  ["'_:_'';
____________$isVariadic_"]=>
  int(7576)
  ["!$process->startsWith('specific'))_{
____________________$return_list"]=>
  int(5)
  ["is_array($data"]=>
  int(5)
  ["$server->getManagerPid()_"]=>
  int(469)
}
OK
  1. What version of Swoole are you using (show your php --ri swoole)?
swoole

Swoole => enabled
Author => Swoole Team <team@swoole.com>
Version => 4.8.2
Built => Nov 18 2021 06:40:44
coroutine => enabled with boost asm context
trace_log => enabled
epoll => enabled
eventfd => enabled
signalfd => enabled
cpu_affinity => enabled
spinlock => enabled
rwlock => enabled
sockets => enabled
openssl => OpenSSL 1.0.2k-fips  26 Jan 2017
http2 => enabled
json => enabled
curl-native => enabled
pcre => enabled
c-ares => 1.10.0
zlib => 1.2.7
mutex_timedlock => enabled
pthread_barrier => enabled
futex => enabled
mysqlnd => enabled
async_redis => enabled

Directive => Local Value => Master Value
swoole.enable_coroutine => On => On
swoole.enable_library => On => On
swoole.enable_preemptive_scheduler => Off => Off
swoole.display_errors => On => On
swoole.use_shortname => On => On
swoole.unixsock_buffer_size => 8388608 => 8388608
  1. What is your machine environment used (show your uname -a & php -v & gcc -v) ?
    uname -a
Linux fefabc361353 4.15.0-142-generic #146~16.04.1-Ubuntu SMP Tue Apr 13 09:27:15 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

php -v

PHP 7.4.26 (cli) (built: Nov 16 2021 15:31:30) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.26, Copyright (c), by Zend Technologies

gcc -v

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/lto-wrapper
Target: x86_64-redhat-linux
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-bootstrap --enable-shared --enable-threads=posix --enable-checking=release --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-linker-hash-style=gnu --enable-languages=c,c++,objc,obj-c++,java,fortran,ada,go,lto --enable-plugin --enable-initfini-array --disable-libgcj --with-isl=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/isl-install --with-cloog=/builddir/build/BUILD/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/cloog-install --enable-gnu-indirect-function --with-tune=generic --with-arch_32=x86-64 --build=x86_64-redhat-linux
Thread model: posix
gcc version 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
@xutg
Copy link
Author

xutg commented Dec 2, 2021

PHP 7.4.26 + Swoole 4.8.3 也复现此 bug

@NathanFreeman NathanFreeman mentioned this issue Dec 5, 2021
Merged
matyhtf pushed a commit that referenced this issue Dec 6, 2021
@NathanFreeman
Fix bug #4519 (#4523)
9d1f6cc 
* reset ctx->request.body_at.

* reset ctx->request.body_at.
matyhtf pushed a commit that referenced this issue Dec 6, 2021
@NathanFreeman @matyhtf
Fix bug #4519 (#4523)
c2db51e 
* reset ctx->request.body_at.

* reset ctx->request.body_at.
@matyhtf
Copy link
Member

matyhtf commented Dec 7, 2021

已修复,请使用 master 或者 4.8.x 分支测试一下

@xutg
Copy link
Author

xutg commented Dec 8, 2021

使用 4.8.x 分支验证通过,不再复现,感谢你们的辛苦工作。

php -v

PHP 7.4.26 (cli) (built: Nov 16 2021 15:31:30) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.26, Copyright (c), by Zend Technologies

php --ri swoole

swoole

Swoole => enabled
Author => Swoole Team <team@swoole.com>
Version => 4.8.3
Built => Dec  8 2021 14:46:27
coroutine => enabled with thread context
epoll => enabled
eventfd => enabled
signalfd => enabled
cpu_affinity => enabled
spinlock => enabled
rwlock => enabled
sockets => enabled
openssl => OpenSSL 1.0.2k-fips  26 Jan 2017
http2 => enabled
json => enabled
curl-native => enabled
pcre => enabled
c-ares => 1.10.0
zlib => 1.2.7
mutex_timedlock => enabled
pthread_barrier => enabled
futex => enabled
mysqlnd => enabled
async_redis => enabled

Directive => Local Value => Master Value
swoole.enable_coroutine => On => On
swoole.enable_library => On => On
swoole.enable_preemptive_scheduler => Off => Off
swoole.display_errors => On => On
swoole.use_shortname => On => On
swoole.unixsock_buffer_size => 8388608 => 8388608

已修复,请使用 master 或者 4.8.x 分支测试一下

@twose twose closed this as completed Dec 8, 2021
@mifei077
Copy link

您好,我是识沃科技的工作人员,为了感谢您的反馈,请加微信13524075254联系领取我司为您准备的定制小礼物一份,谢谢!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@xutg @matyhtf @twose @mifei077