ID | 0002253
Category | [Quercus]
Severity | major
Reproducibility | always
Date Submitted | 12-13-07 14:19
Last Update | 12-17-07 09:09
Reporter | koreth
View Status | public
Assigned To | ferg
Priority | normal
Resolution | fixed
Status | closed
Projection | none
ETA | none
Fixed in Version | 3.1.5
Product Version | 3.1.4
Summary | 0002253: Static class variables leak across concurrent requests
Description |
    <?php
    class MyClass {
        static public $var = 0;
    }

    for ($i = 0; $i < 100000; $i++) {
        MyClass::$var++;
    }

    print MyClass::$var . "\n";

If you run this repeatedly one request at a time, you get "100000" each time. However, if you issue parallel requests, you don't. For example:

    % links -source http://localhost:8080/test/static.php & ; links -source http://localhost:8080/test/static.php
    176799
    184416

So it looks like there is some information leakage across requests here, which obviously is not only a security hole but also probably really hard for app developers to track down since it'd be intermittent in a production environment.
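The check the report performs by hand, as an added Python example (not part of the original report and not Quercus code): run the same request concurrently and flag any response that differs from the single-request result. `SharedStatics`, `isolated_handle` and `cross_request_leaks` are hypothetical names, and both handlers are constructed models, one with a static slot shared by all requests and one with per-request statics.

```python
import threading
from concurrent.futures import ThreadPoolExecutor

N = 100_000  # loop count from the script in the report


class SharedStatics:
    """Constructed model of the defect: one static slot shared by every request."""
    var = 0
    lock = threading.Lock()
    overlap = threading.Barrier(2, timeout=10)  # forces the two requests to overlap

    @classmethod
    def handle(cls):
        cls.var = 0                # class declaration initialises the static
        cls.overlap.wait()         # both requests have initialised before either counts
        for _ in range(N):
            with cls.lock:         # each increment is atomic; the slot is still shared
                cls.var += 1
        return cls.var


def isolated_handle():
    """Constructed model of the expected behaviour: statics live per request."""
    statics = {"MyClass::$var": 0}
    for _ in range(N):
        statics["MyClass::$var"] += 1
    return statics["MyClass::$var"]


def cross_request_leaks(handler, expected=N, parallel=2):
    """Run `handler` as `parallel` concurrent requests; return the wrong responses."""
    with ThreadPoolExecutor(max_workers=parallel) as pool:
        futures = [pool.submit(handler) for _ in range(parallel)]
        responses = [f.result() for f in futures]
    return [r for r in responses if r != expected]


if __name__ == "__main__":
    print("isolated statics:", cross_request_leaks(isolated_handle))
    print("shared statics:  ", cross_request_leaks(SharedStatics.handle))
```

To use the same check against a deployed script, pass a handler that fetches the URL and parses the printed number; an empty list means no response was influenced by another request.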