Mantis Bugtracker
  

Viewing Issue Advanced Details
ID: 0002253
Category: [Quercus]
Severity: major
Reproducibility: always
Date Submitted: 12-13-07 14:19
Last Update: 12-17-07 09:09
Reporter: koreth
View Status: public
Assigned To: ferg
Priority: normal
Resolution: fixed
Platform:
Status: closed
OS:
Projection: none
OS Version:
ETA: none
Fixed in Version: 3.1.5
Product Version: 3.1.4
Product Build:
Summary: 0002253: Static class variables leak across concurrent requests
Description:

<?php
class MyClass {
    static public $var = 0;
}
for ($i = 0; $i < 100000; $i++) {
    MyClass::$var++;
}
print MyClass::$var . "\n";


If you run this repeatedly one request at a time, you get "100000" each time. However, if you issue parallel requests, you don't. For example:

% links -source http://localhost:8080/test/static.php & ; links -source http://localhost:8080/test/static.php
176799
184416

So it looks like there is some information leakage across requests here, which obviously is not only a security hole but also probably really hard for app developers to track down since it'd be intermittent in a production environment.
Steps To Reproduce
Additional Information
Attached Files

- Relationships

- Notes
(0002579)
ferg
12-17-07 09:09

php/09b-
 

- Issue History
Date Modified Username Field Change
12-13-07 14:19 koreth New Issue
12-17-07 09:09 ferg Note Added: 0002579
12-17-07 09:09 ferg Assigned To  => ferg
12-17-07 09:09 ferg Status new => closed
12-17-07 09:09 ferg Resolution open => fixed
12-17-07 09:09 ferg Fixed in Version  => 3.1.5
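
A regression check for the behaviour reported above, added here as an example (it is not part of the original report or of the Quercus project): it issues several requests in parallel against the reproduction script and counts responses that differ from the single-request result. It assumes curl is installed; the URL and the expected value 100000 come from the report, while the function names and the default of 8 parallel requests are assumptions.

```shell
#!/bin/sh
# Added example (not from the report): detect cross-request state leakage by
# hitting the reproduction script concurrently and comparing every response
# with the value a single request returns.

# count_mismatches EXPECTED
# Reads one response body per line on stdin; prints how many differ from
# EXPECTED. Comparison is forced to string mode so "100000.0" is a mismatch.
count_mismatches() {
    awk -v want="$1" '
        { sub(/\r$/, "") }                 # tolerate CRLF line endings
        ($0 "") != (want "") { n++ }
        END { print n + 0 }'
}

# fire_parallel URL N
# Starts N requests at once, waits for all, prints one body per line.
# An empty or failed response becomes an empty line (counted as a mismatch).
fire_parallel() {
    url=$1; n=$2
    tmp=$(mktemp -d) || return 1
    i=0
    while [ "$i" -lt "$n" ]; do
        curl -s --max-time 60 "$url" > "$tmp/$i" &
        i=$((i + 1))
    done
    wait
    for f in "$tmp"/*; do printf '%s\n' "$(cat "$f")"; done
    rm -rf "$tmp"
}

# check_url URL [EXPECTED] [N]  (defaults: 100000 from the report; N=8 assumed)
check_url() {
    url=$1; expected=${2:-100000}; n=${3:-8}
    bad=$(fire_parallel "$url" "$n" | count_mismatches "$expected")
    if [ "$bad" -gt 0 ]; then
        echo "LEAK: $bad of $n concurrent responses differ from $expected" >&2
        return 1
    fi
    echo "ok: $n concurrent responses all returned $expected"
}

# Runs only when a URL is passed, e.g.
#   sh check_static.sh http://localhost:8080/test/static.php
if [ "$#" -gt 0 ]; then check_url "$@"; fi
```

The non-zero exit status on a mismatch lets the check gate an upgrade or a CI job; because the failure is intermittent, a clean run is stronger evidence when repeated with a larger request count.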

