[wp-trac] [WordPress Trac] #57050: Allocation of JIT memory failed …
WordPress Trac
noreply at wordpress.org
Wed Nov 9 21:04:28 UTC 2022
#57050: Allocation of JIT memory failed …
------------------------------+-------------------------------
Reporter: petroski | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 6.1
Severity: normal | Keywords: changes-requested
Focuses: coding-standards |
------------------------------+-------------------------------
Hello All,
I provide hosting for a number of WordPress websites on a CentOS server
with the following config.
CentOS Linux 7.9.2009
Plesk Obsidian Version 18.0.47
PHP 7.43
mySQL 5.5.68-1.el7
For server security I have Atomic Secured Linux (Atomic Protector)
installed that provides Firewall and OSSEC security (full version, not
Plesk extension)
For quite some time, ASL has been reporting the following error code
hundreds of times a day …
60027 : Denied a RWX mmap event. An application just attempted to use the
mprotect function to bypass memory protection functions in the kernel.
I have contacted Atomic support several times over this issue but the
problem is not with their software, it is doing what it is supposed to do.
ASL uses their own custom kernel that would deny attempts to bypass memory
protection.
So, digging a little deeper, I find this in my server logs at:
/var/log/plesk-php74-fpm/error.log
WARNING: [pool xxxxxxxxx.ca] child 23848 said into stderr: “PHP message:
PHP Warning: preg_match(): Allocation of JIT memory failed, PCRE JIT will
be disabled. This is likely caused by security restrictions. Either grant
PHP permission to allocate executable memory, or set pcre.jit=0 in
/var/www/vhosts/xxxxxxxxx.ca/httpdocs/wp-includes/load.php on line 43”
So, every time any of the domains on my server loads, this error is
generated.
Looking at the file wp-includes/load.php, here is the errant code ((note
lines 42 and 43 as marked)
function wp_fix_server_vars() {
global $PHP_SELF;
$default_server_values = array(
'SERVER_SOFTWARE' => '',
'REQUEST_URI' => '',
);
$_SERVER = array_merge( $default_server_values, $_SERVER );
Line 42 // Fix for IIS when running with PHP ISAPI.
Line 43 if ( empty( $_SERVER['REQUEST_URI'] ) || ( 'cgi-fcgi' !== PHP_SAPI
&& preg_match( '/^Microsoft-IIS\//', $_SERVER['SERVER_SOFTWARE'] ) ) ) {
if ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) {
// IIS Mod-Rewrite.
$_SERVER['REQUEST_URI'] =
$_SERVER['HTTP_X_ORIGINAL_URL'];
} elseif ( isset( $_SERVER['HTTP_X_REWRITE_URL'] ) ) {
// IIS Isapi_Rewrite.
$_SERVER['REQUEST_URI'] =
$_SERVER['HTTP_X_REWRITE_URL'];
} else {
// Use ORIG_PATH_INFO if there is no PATH_INFO.
if ( ! isset( $_SERVER['PATH_INFO'] ) && isset(
$_SERVER['ORIG_PATH_INFO'] ) ) {
$_SERVER['PATH_INFO'] =
$_SERVER['ORIG_PATH_INFO'];
}
// Some IIS + PHP configurations put the script-
name in the path-info (no need to append it twice).
if ( isset( $_SERVER['PATH_INFO'] ) ) {
if ( $_SERVER['PATH_INFO'] ==
$_SERVER['SCRIPT_NAME'] ) {
$_SERVER['REQUEST_URI'] =
$_SERVER['PATH_INFO'];
} else {
$_SERVER['REQUEST_URI'] =
$_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'];
}
}
// Append the query string if it exists and isn't
null.
if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
$_SERVER['REQUEST_URI'] .= '?' .
$_SERVER['QUERY_STRING'];
}
}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57050>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list