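--TEST--
FPM: HTTP_PROXY - CVE-2016-5385
--SKIPIF--
<?php include "skipif.inc"; ?>
--FILE--
<?php

/*
 * Regression test for CVE-2016-5385 under the FPM SAPI.
 *
 * Background: under CGI conventions a client-supplied "Proxy:" request header
 * is exposed as HTTP_PROXY, a name many HTTP client libraries also read from
 * the environment to pick an outbound proxy. The script must therefore never
 * see a request-derived HTTP_PROXY.
 *
 * What is asserted (see --EXPECTF--):
 *   - $_SERVER["HTTP_PROXY"] dumps as NULL and getenv("HTTP_PROXY") as false;
 *   - HTTP_FOO, sent in the same request, is readable through both $_SERVER
 *     and getenv(). It is the control: ordinary HTTP_* values still arrive,
 *     so the missing HTTP_PROXY is the filter and not a broken request.
 *
 * Scope: only the FPM SAPI is exercised here.
 */

include "include.inc";

$logfile = __DIR__.'/php-fpm.log.tmp';
$srcfile = __DIR__.'/php-fpm.tmp.php';
// 9004 or 9008 depending on the build's integer width.
// NOTE(review): presumably chosen so 32- and 64-bit runs on one host do not collide - confirm.
$port = 9000+PHP_INT_SIZE;

// Minimal FPM configuration: a single pool bound to loopback, logging to a temp file.
$cfg = <<<EOT
[global]
error_log = $logfile
[unconfined]
listen = 127.0.0.1:$port
pm = dynamic
pm.max_children = 5
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 3
EOT;

// Script served by FPM. "\$" keeps $_SERVER literal inside the heredoc; "@" keeps
// the dump of the absent HTTP_PROXY entry down to a bare NULL with no diagnostic.
$code = <<<EOT
<?php
echo "Test Start\n";
var_dump(
    @\$_SERVER["HTTP_PROXY"],
    \$_SERVER["HTTP_FOO"],
    getenv("HTTP_PROXY"),
    getenv("HTTP_FOO")
);
echo "Test End\n";
EOT;
file_put_contents($srcfile, $code);

// run_fpm(), fpm_display_log() and run_request() come from include.inc (not shown here).
// $tail is set by run_fpm(); it is fclose()d below, so it is a stream handle.
$fpm = run_fpm($cfg, $tail);
if (is_resource($fpm)) {
    // Presumably prints the next two log lines: the two startup NOTICEs in --EXPECTF--.
    fpm_display_log($tail, 2);
    try {
        // HTTP_FOO is the control value, HTTP_PROXY the one that must be filtered.
        // NOTE(review): presumably sent as FastCGI parameters - confirm in include.inc.
        $headers = [
            'HTTP_FOO' => 'BAR',
            'HTTP_PROXY' => 'BADPROXY',
        ];
        $req = run_request('127.0.0.1', $port, $srcfile, '', $headers);
        // Drop everything before the script's own output (response headers etc.).
        echo strstr($req, "Test Start");
        echo "Request ok\n";
    } catch (Exception $e) {
        // Report the cause so a failing run can be diagnosed from the test diff.
        echo "Request error: ", $e->getMessage(), "\n";
    } finally {
        // Teardown lives in finally so php-fpm is stopped even when something
        // other than Exception propagates (e.g. an Error on PHP 7+); otherwise
        // the master process would be left running and holding the port.
        proc_terminate($fpm);
        // Presumably prints the rest of the log: the two shutdown NOTICEs.
        fpm_display_log($tail, -1);
        fclose($tail);
        proc_close($fpm);
    }
}

?>
Done
--EXPECTF--
[%s] NOTICE: fpm is running, pid %d
[%s] NOTICE: ready to handle connections
Test Start
NULL
string(3) "BAR"
bool(false)
string(3) "BAR"
Test End

Request ok
[%s] NOTICE: Terminating ...
[%s] NOTICE: exiting, bye-bye!
Done
--CLEAN--
<?php
    // Remove the temp log and script; "@" silences unlink()'s warning if a file is already gone.
    $logfile = __DIR__.'/php-fpm.log.tmp';
    $srcfile = __DIR__.'/php-fpm.tmp.php';
    @unlink($logfile);
    @unlink($srcfile);
?>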