On Mon, May 25, 2020 at 1:09 PM Shivanand Sharma <shivanand@xxxxxxxxxxxxxx> wrote:
So the script is a part of a web application / plugin which is basically a malware scanner.Webserver owners install this app and schedule it to run on a periodic basis.This means that it could be a LAMP or LEMP or other kind of stack with cgi or mod_php etc.Hang / Freeze: The issue is that some regexes / payloads or a combination thereof makes the script exceed max_execution_time. This is not desirable or even expected.In this case it's acceptable for the script to hit max_execution_time and the app will just schedule the next batch.However with the bug in question, the script exceeds max_execution_time and PHP has no way to recover.One way was to have a url-endpoint where we could post a request via curl and if that fails or times-out the script can still continue. But I was interested in exploring if PHP itself can recover from such a situation without having to rely on an external process.Regards,
Shivanand Sharma
You have taken the wrong approach to fix the issue. Not a good idea to use PHP as a malware scanner (you should be using a programming language instead of a scripting one), this is just the first issue you will run into of many. If it is an option you might think of using a different solution.
In regards to your issue, you can modify set_time_limit to unlimited run time if max execution time is the issue.
External post is a solution that is worst than the initial solution. Thus my first concern on the design, you will keep adding band-aids to solve issues you come up with, it would be best to write it from scratch using python, java, c/c++ or any other more efficient programming languages.
