I’m using:
Yii 1.1.3
Apache 2.2
Ubuntu Server (2.6.31 kernel).
PHP 5.2.10
Steps to reproduce this bug:
- Create a new Yii webapp using ./yii/framework/yiic webapp .
- Implement a simple SOAP method using CWebServiceAction.
- Test the web service method to ensure it works as expected.
- Enable Basic Authentication from the root directory of the project.
- Test the web service method again.
The web service I have written has the following method:
<?php
class WriteController extends CController
{
    public function actions()
    {
        return array(
            'methods' => array(
                'class' => 'CWebServiceAction',
                'classMap' => array(
                    'TestComplexClass',
                ),
            ),
        );
    }

    /**
     * method: test
     * I include a test(int) method in all my web services for testing purposes.
     *
     * @param int $num The number that is to be multiplied by two.
     * @return int The supplied num param multiplied by two.
     * @soap
     */
    public function test($num)
    {
        return $num * 2;
    }
}
The client (test.php) contains the following:
<?php
// Credentials are sent as HTTP Basic Auth on every request the client makes.
$client = new SoapClient("http://api.myhomeserver.com/soap/write/methods",
    array('login' => 'someusername', 'password' => 'somepassword'));

$retval = $client->test(123);
echo "Return value: $retval";
?>
Up to this point everything works as expected. I then enable Basic Authentication by using htpasswd to create .passwd and adding the first four lines of the following to my .htaccess:
AuthType Basic
AuthName "Testing Basic Auth with Yii"
AuthUserFile /var/vhosts/api.myhomeserver.com/www/soap/.passwd
Require valid-user

#Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on

# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# otherwise forward it to index.php
RewriteRule . index.php
The error returned is:
Fatal error: Uncaught SoapFault exception: [HTTP] Error Fetching http headers in /var/vhosts/api.myhomeserver.com/www/soap/test.php:5
Stack trace:
#0 [internal function]: SoapClient->__doRequest('<?xml version="...', 'http://api.myho...', 'urn:WriteContro...', 1, 0)
#1 [internal function]: SoapClient->__call('test', Array)
#2 /var/vhosts/api.myhomeserver.com/www/soap/test.php(5): SoapClient->test(123)
#3 {main}
thrown in /var/vhosts/api.myhomeserver.com/www/soap/test.php on line 5
My Apache log file contains the following:
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "GET /soap/write/methods HTTP/1.0" 200 3690 "-" "-"
10.20.1.15 - - [09/Jul/2010:20:10:10 +0100] "GET /soap/write/methods HTTP/1.0" 401 685 "-" "-"
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "POST /soap/write/methods?ws=1 HTTP/1.1" 500 4181 "-" "PHP-SOAP/5.2.10-2ubuntu6.4"
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "GET /soap/test.php HTTP/1.1" 200 538 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
and my Apache error log contains:
[Fri Jul 09 20:13:17 2010] [notice] child pid 5827 exit signal Segmentation fault (11)
[Fri Jul 09 20:13:22 2010] [error] [client 10.20.1.15] ALERT - canary mismatch on erealloc() - heap overflow detected (attacker '10.20.1.15', file '/var/vhosts/api.myhomeserver.com/www/soap/yii/framework/web/services/CWebService.php', line 155)
A "heap overflow" on line 155 of CWebService.php?
I would be very interested to know if there’s anyone else out there who has implemented a web service using Yii and successfully uses Basic Authentication.
Any help on this would be highly appreciated.
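An added example, not part of the original post: a Python script that parses the four access-log lines quoted above (copied here as constructed sample input) and flags the pattern they show, namely an anonymous 401 to the same path, from the same client and in the same second, sandwiched between the authenticated WSDL GET and the POST that ended in a 500. Reading those lines, the request with no user and no User-Agent looks like the SOAP server side fetching its own WSDL URL over plain HTTP without the Basic Auth credentials, so that it receives Apache's 401 page instead of WSDL XML; that is my reading of the log, not something the post confirms. The function names and the five-second correlation window are my choices.

```python
import re
from datetime import datetime
from typing import Dict, List, Optional

# Apache "combined" LogFormat, which is what the post's access log uses.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/(?P<proto>[\d.]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample input: the four access-log lines reproduced from the post.
SAMPLE_LOG = """\
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "GET /soap/write/methods HTTP/1.0" 200 3690 "-" "-"
10.20.1.15 - - [09/Jul/2010:20:10:10 +0100] "GET /soap/write/methods HTTP/1.0" 401 685 "-" "-"
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "POST /soap/write/methods?ws=1 HTTP/1.1" 500 4181 "-" "PHP-SOAP/5.2.10-2ubuntu6.4"
10.20.1.15 - someusername [09/Jul/2010:20:10:10 +0100] "GET /soap/test.php HTTP/1.1" 200 538 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
"""


def parse_line(line: str) -> Optional[Dict]:
    """Parse one combined-format line; returns None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["path"] = rec["target"].split("?", 1)[0]      # drop the query string (?ws=1)
    rec["authenticated"] = rec["user"] != "-"          # Apache logs "-" when no user
    return rec


def parse_log(text: str) -> List[Dict]:
    """Parse a whole log, silently skipping lines in another format."""
    return [r for r in (parse_line(l) for l in text.splitlines()) if r]


def find_anonymous_self_fetches(records: List[Dict], window_seconds: int = 5) -> List[Dict]:
    """
    Flag every unauthenticated 401 whose client also made, within
    `window_seconds`, an authenticated request to the same path and then
    received a 5xx on that path.  Under Basic Auth this is the signature of
    a server-side component (here, by my reading, the SOAP stack fetching its
    own WSDL URL) calling back into the protected site without credentials.
    """
    findings = []
    for anon in records:
        if anon["authenticated"] or anon["status"] != 401:
            continue
        same_path = [
            r for r in records
            if r is not anon
            and r["ip"] == anon["ip"]
            and r["path"] == anon["path"]
            and abs((r["ts"] - anon["ts"]).total_seconds()) <= window_seconds
        ]
        authed = [r for r in same_path if r["authenticated"]]
        failures = [r for r in authed if 500 <= r["status"] < 600]
        if authed and failures:
            findings.append({
                "client": anon["ip"],
                "path": anon["path"],
                "anonymous_401_at": anon["ts"].isoformat(),
                "authenticated_user": authed[0]["user"],
                "server_errors": [(f["method"], f["target"], f["status"]) for f in failures],
            })
    return findings


if __name__ == "__main__":
    for finding in find_anonymous_self_fetches(parse_log(SAMPLE_LOG)):
        print(finding)
```

Run against a real access log, each finding names the path whose anonymous fetch to compare with the server-side WSDL retrieval; a request arriving with no credentials and no User-Agent in the same second as the client's authenticated POST is not the browser or the SoapClient, and whatever made it will be reading Apache's 401 HTML rather than the WSDL it expected.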