From 1b19a779787bdb554d4d6f82defaddba4725755a Mon Sep 17 00:00:00 2001 From: Dj-jom2x Date: Tue, 18 Apr 2017 08:28:27 +0800 Subject: [PATCH] check if proc open is enabled .. we need to check proc_open if disabled .. because line 93 expect something to return ... and it will lead you to self dos infinite while loop.. and your server will going down .. and the message you will receive is "fork: retry: no child processes" , if you try to login on ssh using your cpanel account :) --- lib/terminal-xhr.php | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/lib/terminal-xhr.php b/lib/terminal-xhr.php index df232fe..7e0a123 100644 --- a/lib/terminal-xhr.php +++ b/lib/terminal-xhr.php @@ -2,6 +2,16 @@ include(dirname(__FILE__)."/headers.php"); include(dirname(__FILE__)."/settings.php"); + +function proc_open_enabled() { + $disabled = explode(',', ini_get('disable_functions')); + return !in_array('proc_open', $disabled); +} + +if(!proc_open_enabled()) { + exit("sorry but you can't used this terminal if your proc_open is disabled\n\n"); +} + $aliases = array( 'la' => 'ls -la', 'll' => 'ls -lvhF', @@ -78,13 +88,13 @@ if (preg_match('/^[[:blank:]]*cd[[:blank:]]*$/', @$_REQUEST['command'])) { ), $io ); - + // Read output sent to stdout - while (!feof($io[1])) { + while (!feof($io[1])) { /// this will return always false ... and will loop forever until "fork: retry: no child processes" will show if proc_open is disabled; $output .= htmlspecialchars(fgets($io[1]),ENT_COMPAT, 'UTF-8'); } // Read output sent to stderr - while (!feof($io[2])) { + while (!feof($io[2])) { $output .= htmlspecialchars(fgets($io[2]),ENT_COMPAT, 'UTF-8'); } $output .= "\n"; @@ -97,4 +107,4 @@ if (preg_match('/^[[:blank:]]*cd[[:blank:]]*$/', @$_REQUEST['command'])) { // Finally, output our string echo $output; -?> \ No newline at end of file +?>