PHP :: Bug #57768 :: Segmentation fault on a stream without resource id

Bug #57768	Segmentation fault on a stream without resource id
Submitted:	2007-08-03 12:28 UTC	Modified:	2009-01-10 15:01 UTC
From:	berdir@php.net	Assigned:
Status:	Closed	Package:	ssh2 (PECL)
PHP Version:	Irrelevant	OS:	linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	berdir@php.net
New email:
PHP Version:		OS:

New Comment:

[2007-08-03 12:28 UTC] berdir@php.net

Description:
------------
The following code ends up in a segmentation fault

file_exists('ssh2.sftp:///home/apache');

I am not sure if this is "right", but the following 3 lines of code fixed this problem for me

--- /tmp/pear/cache/ssh2-0.10/ssh2_fopen_wrappers.c     2007-08-03 17:35:34.000000000 +0200
+++ ssh2_fopen_wrappers.c       2007-08-03 18:16:06.000000000 +0200
@@ -124,6 +124,10 @@
 
        resource = php_url_parse(path);
 
+        if (!resource) {
+                return NULL; 
+        }
+
        if (strncmp(resource->scheme, "ssh2.", sizeof("ssh2.") - 1)) {
                /* Not an ssh wrapper */
                php_url_free(resource);






Reproduce code:
---------------
file_exists('ssh2.sftp:///home/apache');

Expected result:
----------------
false

Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1216297296 (LWP 1257)]
0xb566ae9c in php_ssh2_fopen_wraper_parse_path (path=0x8ef3ba8 "ssh2.sftp:///home/apache", type=0xb566e628 "sftp", context=0x0, psession=0xbfe03a08, 
    presource_id=0xbfe03a00, psftp=0xbfe03a04, psftp_rsrcid=0xbfe039fc) at /home/u80759076/Projekte/ssh2/ssh2-0.10/ssh2_fopen_wrappers.c:129
129             if (strncmp(resource->scheme, "ssh2.", sizeof("ssh2.") - 1)) {

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-08-08 18:57 UTC] smclean at gmail dot com

Just wanted to say, I just ran in to this bug too.  I couldn't figure it out at all until I ran php in gdb and went source diving.  Some validation of 'resource' would definitely be nice!

[2009-01-10 15:01 UTC] mikesul@php.net

Thank you for your bug report. This issue has been fixed
in the latest released version of the package, which you can download at
http://pecl.php.net/get/ssh2

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 14:01:32 2024 UTC