avoid out-of-memory serving large logfiles (hestiacp#2741)

divinity76 · jaapmarcus · web-flow · commit fc10af5c95b6 · 2022-07-10T16:28:38.000+02:00
* avoid out-of-memory serving large logfiles large logfiles previously resulted in out-of-memory errors, see hestiacp#2736 * formatting * Update php version + Resolve PHP issue Remove pcntl_exec, passthru, system, popen From disabled functions list Requires rebuild hestia-php * fix double-escape issue Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
diff --git a/src/deb/php/control b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: hestia-php
 Package: hestia-php
 Priority: optional
-Version: 8.1.7
+Version: 8.1.8
 Section: admin
 Maintainer: HestaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com
diff --git a/src/deb/php/php.ini b/src/deb/php/php.ini
@@ -309,7 +309,7 @@ serialize_precision = -1
 ; This directive allows you to disable certain functions.
 ; It receives a comma-delimited list of function names.
 ; http://php.net/disable-functions
-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,passthru,system,popen,show_source,
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,show_source,
 
 ; This directive allows you to disable certain classes.
 ; It receives a comma-delimited list of class names.
diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
@@ -5,8 +5,6 @@
 // Check token
 verify_csrf($_GET);
 
-$v_domain = $_GET['domain'];
-$v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') {
     $type = 'access';
 }
@@ -20,17 +18,23 @@
 header("Content-Type: application/octet-stream; ");
 header("Content-Transfer-Encoding: binary");
 
-$v_domain = escapeshellarg($_GET['domain']);
+$v_domain = $_GET['domain'];
 if ($_GET['type'] == 'access') {
     $type = 'access';
 }
 if ($_GET['type'] == 'error') {
     $type = 'error';
 }
-
-exec(HESTIA_CMD."v-list-web-domain-".$type."log $user ".$v_domain." 5000", $output, $return_var);
-if ($return_var == 0) {
-    foreach ($output as $file) {
-        echo $file . "\n";
-    }
+$cmd = implode(" ", array(
+    escapeshellarg(HESTIA_CMD . "v-list-web-domain-" . $type . "log"),
+    // $user is already shell-escaped
+    $user,
+    escapeshellarg($v_domain),
+    "5000",
+));
+passthru($cmd, $return_var);
+if ($return_var != 0) {
+    $errstr = "Internal server error: command returned non-zero: {$return_var}: {$cmd}";
+    echo $errstr;
+    throw new Exception($errstr); // make sure it ends up in an errorlog somewhere
 }
