#188 closed defect (invalid)
client_body_in_file_only clean remove files before php can read them
| Reported by: | Krzysztof Warzecha | Owned by: | somebody |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.2.x |
| Keywords: | Cc: | kwarzecha7@… | |
| uname -a: | Linux bebzol.com 3.2.13-grsec-xxxx-grs-ipv6-64 #1 SMP Thu Mar 29 09:48:59 UTC 2012 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.2.1
TLS SNI support enabled configure arguments: --prefix=/etc/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-pcre-jit --with-debug --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_xslt_module --with-ipv6 --with-sha1=/usr/include/openssl --with-md5=/usr/include/openssl --with-mail --with-mail_ssl_module --add-module=/tmp/buildd/nginx-1.2.1/debian/modules/nginx-auth-pam --add-module=/tmp/buildd/nginx-1.2.1/debian/modules/nginx-echo --add-module=/tmp/buildd/nginx-1.2.1/debian/modules/nginx-upstream-fair --add-module=/tmp/buildd/nginx-1.2.1/debian/modules/nginx-dav-ext-module |
||
Description
Hello,
If i use "client_body_in_file_only clean;" upload will sometimes fail with message:
[17-Jul-2012 12:08:46 UTC] PHP Warning: REQUEST_BODY_FILE: open('/dev/shm/client_body_temp/0000109431') failed: No such file or directory (2) in Unknown on line 0
My conf:
location ~ \.php$ {
# wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP
location ~ \..*/.*\.php$ {return 404;}
fastcgi_pass_request_body off;
client_body_in_file_only clean;
fastcgi_param REQUEST_BODY_FILE $request_body_file;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
I used strace to see what is going on, results are in attachment. I belive nginx removes file before php can open it, but speaking from experience it may be configuration issue or just php's fault.
Revelant strace fragment:
28200 <... recvfrom resumed> "POST /check.php HTTP/1.1\r\nHost: "..., 1024, 0, NULL, NULL) = 834
28200 open("/dev/shm/client_body_temp/0000109018", O_RDWR|O_CREAT|O_EXCL, 0600 <unfinished ...>
...
28200 connect(20, {sa_family=AF_FILE, path="/var/run/php5-fpm.sock"}, 110 <unfinished ...>
28200 <... connect resumed> ) = 0
22502 <... accept resumed> {sa_family=AF_FILE, NULL}, [2]) = 11
...
28200 writev(20, [{"\1\1\0\1\0\10\0\0\0\1\0\0\0\0\0\0\1\4\0\1\5\232\6\0\21$REQUES"..., 1480}], 1 <unfinished ...>
...
28200 unlink("/dev/shm/client_body_temp/0000109018" <unfinished ...>
...
28200 close(20 <unfinished ...>
...
28200 unlink("/dev/shm/client_body_temp/0000109018" <unfinished ...>
...
22502 <... read resumed> "\21$REQUEST_BODY_FILE/dev/shm/clie"..., 1440) = 1440
...
22502 open("/dev/shm/client_body_temp/0000109018", O_RDONLY <unfinished ...>
22502 <... open resumed> ) = -1 ENOENT (No such file or directory)
I can provide more informations / logs if needed. This is debian wheezy, with stock php-fpm and stock nginx.
Attachments (1)
Change History (3)
by , 12 years ago
| Attachment: | strace-log-1 added |
|---|
comment:1 by , 12 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
comment:2 by , 12 years ago
This was indeed configuration issue, fastcgi_ignore_client_abort fixed it. Thank you very much!
Note:
See TracTickets
for help on using tickets.
According to strace provided unlink() happens after request processing ends due to connection close by a client:
28200 recvfrom(86, <unfinished ...> 28200 <... recvfrom resumed> "", 1, MSG_PEEK, NULL, NULL) = 0 28200 close(20 <unfinished ...> 28200 <... close resumed> ) = 0 28200 write(5, "87.205.155.163 - - [17/Jul/2012:"..., 202 <unfinished ...> 28200 <... write resumed> ) = 202 28200 unlink("/dev/shm/client_body_temp/0000109018" <unfinished ...>That is, this is expected behaviour. You may either handle this in you code, or configure nginx to ignore connection aborts with fastcgi_ignore_client_abort.