Posted by Imre RAD on Jan 27

The FastCGI Process Manager (FPM) SAPI of PHP was vulnerable to memory
leak and buffer overflow in the access logging feature.

PHP-FPM offers customization of the access log lines based on format
string variables which can be specified with the access.format option of
the FPM configuration file.
The log lines were compiled in php-fpm.c. The %{something}e fields were
processed at line 237:

len2 = snprintf(b, FPM_LOG_BUFFER – len, “%s”,…