PHP :: Bug #57829 :: ssh2 causes php segfaults

Bug #57829	ssh2 causes php segfaults
Submitted:	2007-09-08 00:03 UTC	Modified:	2008-12-02 17:04 UTC
From:	adam-peclbugs at adam dot gs	Assigned:	mikesul (profile)
Status:	Closed	Package:	ssh2 (PECL)
PHP Version:	Irrelevant	OS:	Multiple (FreeBSD/OSX/Linux)
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	adam-peclbugs at adam dot gs
New email:
PHP Version:		OS:

New Comment:

[2007-09-08 00:03 UTC] adam-peclbugs at adam dot gs

Description:
------------
ssh2 function causes segfaults when using ssh2_exec.

If, stream_set_blocking($stream,true) is called prior to 
stream_get_contents the script proceeds normally and does 
not segfault.

Program received signal EXC_BAD_ACCESS, Could not access 
memory.
Reason: KERN_INVALID_ADDRESS at address: 0x01784000
0xffff0d25 in ___memcpy () at 
/System/Library/Frameworks/System.framework/PrivateHeaders/i
386/cpu_capabilities.h:228
228     
/System/Library/Frameworks/System.framework/PrivateHeaders/i
386/cpu_capabilities.h: No such file or directory.
        in 
/System/Library/Frameworks/System.framework/PrivateHeaders/i
386/cpu_capabilities.h
(gdb) bt
#0  0xffff0d25 in ___memcpy () at 
/System/Library/Frameworks/System.framework/PrivateHeaders/i
386/cpu_capabilities.h:228
#1  0x00255748 in _php_stream_read (stream=0x16f94dc, 
buf=0x208e010 "", size=0) at 
/Users/adam/Scripts/compile/php-
5.2.4/main/streams/streams.c:573
#2  0x0025648b in _php_stream_copy_to_mem (src=0x16f94dc, 
buf=0xbffff2dc, maxlen=0, persistent=0) at 
/Users/adam/Scripts/compile/php-
5.2.4/main/streams/streams.c:1258
#3  0x0022ed2d in zif_stream_get_contents (ht=1, 
return_value=0x16f7604, return_value_ptr=0x0, this_ptr=0x0, 
return_value_used=1) at /Users/adam/Scripts/compile/php-
5.2.4/ext/standard/streamsfuncs.c:413
#4  0x002a4ecb in zend_do_fcall_common_helper_SPEC 
(execute_data=0xbffff3f0) at 
/Users/adam/Scripts/compile/php-
5.2.4/Zend/zend_vm_execute.h:200
#5  0x002a2a6b in execute (op_array=0x16f8b0c) at 
/Users/adam/Scripts/compile/php-
5.2.4/Zend/zend_vm_execute.h:92
#6  0x00286364 in zend_execute_scripts (type=8, retval=0x0, 
file_count=3) at /Users/adam/Scripts/compile/php-
5.2.4/Zend/zend.c:1134
#7  0x00241f8b in php_execute_script 
(primary_file=0xbffffb58) at 
/Users/adam/Scripts/compile/php-5.2.4/main/main.c:1982
#8  0x00317d18 in main (argc=2, argv=0xbffffc08) at 
/Users/adam/Scripts/compile/php-
5.2.4/sapi/cli/php_cli.c:1140




Reproduce code:
---------------
<?php

$connection = ssh2_connect('gotlinux.us', 22);
ssh2_auth_password($connection, 'username', 'password');

$stream = ssh2_exec($connection, "/usr/bin/uname -snr");
//stream_set_blocking($stream,true);
print stream_get_contents($stream);
?>

Expected result:
----------------
should output uname -snr something like: OpenBSD 
cocytus.adamjacobmuller.com 4.1




Actual result:
--------------
segfault!

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-12-02 17:04 UTC] mike at regexia dot com

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 14:01:32 2024 UTC