Vulnerability in php-fpm allowing remote code execution on the server

Bugfix releases PHP 7.3.11, 7.1.33 and 7.2.24 are available, fixing a critical vulnerability (CVE-2019-11043) in the PHP-FPM (FastCGI Process Manager) component that allows remote execution of arbitrary code on the system. A working exploit for attacking servers that use PHP-FPM together with Nginx to run PHP scripts is already publicly available.

The attack is possible in nginx configurations that forward requests to PHP-FPM by splitting the URL with "fastcgi_split_path_info" and setting the PATH_INFO parameter, but without first checking that the file exists with a "try_files $fastcgi_script_name" directive or an "if (!-f $document_root$fastcgi_script_name)" block. The problem also shows up in the configuration recommended for the NextCloud platform. For example, a configuration of the following form is affected:

location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_pass php:9000;
}

You can follow the fix in distributions on these pages: Debian, RHEL, Ubuntu, SUSE/openSUSE, FreeBSD, Arch, Fedora. As a workaround, add a check that the requested PHP file actually exists right after the "fastcgi_split_path_info" line; a request whose URL does not resolve to a script on disk is then answered with 404 by nginx and never reaches PHP-FPM:

try_files $fastcgi_script_name =404;

The problem is caused by an error in pointer handling in the file sapi/fpm/fpm/fpm_main.c. When the pointer is assigned, the code assumes that the value of the PATH_INFO environment variable contains a prefix matching the path to the PHP script. If the fastcgi_split_path_info directive splits the script path with a regular expression that is sensitive to line breaks (for example, many how-tos suggest "^(.+?\.php)(/.*)$", whose "." does not match a newline, so a URL containing an encoded newline such as %0a makes the expression fail), an attacker can arrange for an empty value to be stored in the PATH_INFO environment variable. In that case, further along the execution path, path_info[0] is set to zero and FCGI_PUTENV is called.

By requesting a URL crafted in a particular way, the attacker can shift the path_info pointer to the first byte of the "_fcgi_data_seg" structure, and writing a zero into that byte moves the "char *pos" pointer back to an earlier region of memory. The FCGI_PUTENV call that follows then overwrites data in that memory with a value the attacker can control. That memory also holds the values of other FastCGI variables, and by writing their own data there the attacker can create a fake PHP_VALUE variable and achieve execution of their code.
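To make the arithmetic concrete, here is a small stand-alone C model of that computation, added for this write-up and not taken from PHP-FPM or from the published exploit. It lays out a constructed FastCGI parameter buffer, applies the same env_path_info + pilen - slen expression (as a signed offset rather than a raw pointer, to stay within defined behaviour), and shows that an empty PATH_INFO sends the zero write into the parameter stored before it. The buffer layout, the HTTP_HOST neighbour, the sample paths and the guarded variant are assumptions of the example; the guard stands in for the upstream fix rather than quoting it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Model of the PATH_INFO pointer arithmetic in init_request_info() of
 * sapi/fpm/fpm/fpm_main.c. Written for this article as an illustration;
 * it is not PHP-FPM's code. Variable names follow the original, the
 * parameter buffer is a constructed simplification of the FastCGI data
 * segment in which request parameters are stored back to back.
 */

#define SEG_SIZE 256
static char g_seg[SEG_SIZE];        /* constructed FastCGI parameter storage */
static size_t g_path_info_idx;      /* index of the PATH_INFO value in g_seg */
/* constructed parameter that happens to sit right before PATH_INFO */
static const char *const NEIGHBOUR = "HTTP_HOST=example.test";

/* Fill g_seg with the neighbouring parameter followed by PATH_INFO=<value>. */
void build_segment(const char *path_info_value)
{
    size_t off = 0;
    memset(g_seg, 0, sizeof g_seg);
    memcpy(g_seg + off, NEIGHBOUR, strlen(NEIGHBOUR) + 1);
    off += strlen(NEIGHBOUR) + 1;
    memcpy(g_seg + off, "PATH_INFO=", 10);
    off += 10;
    g_path_info_idx = off;
    memcpy(g_seg + off, path_info_value, strlen(path_info_value) + 1);
}

/*
 * Vulnerable computation (PHP before 7.3.11 / 7.2.24 / 7.1.33), given
 *   len        = strlen(SCRIPT_FILENAME as received), e.g. "/var/www/index.php/foo"
 *   script_len = strlen of the file PHP-FPM found while walking back, "/var/www/index.php"
 *   slen       = len - script_len, the trailing part that is not a file
 * The original does  path_info = env_path_info + pilen - slen;  this returns the
 * same displacement as a signed offset from the PATH_INFO value. The code assumes
 * PATH_INFO ends with that slen-byte tail, i.e. pilen >= slen. With an empty
 * PATH_INFO (pilen == 0) the offset is -slen: the pointer lands slen bytes before
 * the value, inside whatever parameter precedes it, and the URL decides slen.
 * len >= script_len always holds here because the script was found inside the path.
 */
long vulnerable_offset(const char *env_path_info, size_t len, size_t script_len)
{
    size_t pilen = strlen(env_path_info);
    size_t slen = len - script_len;
    return (long)pilen - (long)slen;
}

/* Guarded variant: refuse the rewind unless PATH_INFO can contain the tail.
 * A stand-in for the check the fixed releases add, written here, not copied. */
int patched_allows_rewind(const char *env_path_info, size_t len, size_t script_len)
{
    size_t pilen = env_path_info ? strlen(env_path_info) : 0;
    size_t slen = len - script_len;
    return env_path_info != NULL && pilen >= slen;
}

/* Perform the write the vulnerable code then does (path_info[0] = 0) and
 * return what the neighbouring HTTP_HOST value reads as afterwards. */
const char *simulate_write(const char *path_info_value, size_t len, size_t script_len)
{
    long idx;
    build_segment(path_info_value);
    idx = (long)g_path_info_idx
        + vulnerable_offset(g_seg + g_path_info_idx, len, script_len);
    if (idx >= 0 && idx < SEG_SIZE)   /* bounds check exists only in this model */
        g_seg[idx] = 0;
    return g_seg + 10;                /* value part of "HTTP_HOST=..." */
}

int main(void)
{
    const char *script = "/var/www/index.php";
    /* Request whose PATH_INFO matches the tail of the received path: offset 0. */
    printf("normal offset = %ld\n",
           vulnerable_offset("/foo", strlen("/var/www/index.php/foo"), strlen(script)));
    /* Attack shape: the URL carried a newline, the split regex failed, so
     * PATH_INFO is "" while SCRIPT_FILENAME still has the tail. Constructed
     * string, not the published exploit's payload. */
    const char *sent = "/var/www/index.php/PHP_VALUE\nfoo";
    printf("attack offset = %ld\n", vulnerable_offset("", strlen(sent), strlen(script)));
    printf("HTTP_HOST after write: \"%s\"\n",
           simulate_write("", strlen(sent), strlen(script)));
    return 0;
}
```

In the model the stray zero merely truncates a neighbouring parameter; in the real bug the attacker picks the URL length so that the same write lands on the low byte of the "char *pos" field of "_fcgi_data_seg", which is what turns a single zero byte into control over where the next FCGI_PUTENV stores its data.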

Source: opennet.ru
