PHP :: Request #32132 :: SSH2 + "Segmentaion Fault"

Request #32132	SSH2 + "Segmentaion Fault"
Submitted:	2005-02-28 15:56 UTC	Modified:	2005-02-28 19:47 UTC
From:	me at bereal dot ru	Assigned:
Status:	Not a bug	Package:	Feature/Change Request
PHP Version:	5.0.3	OS:
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	me at bereal dot ru
New email:
PHP Version:		OS:

New/Additional Comment:

[2005-02-28 15:56 UTC] me at bereal dot ru

Description:
------------
We've got the "Segmentation Fault" error when trying to send more than 2 files via ssh2_scp_send within one connection.

But its all okay when we use new connection for each file upload.

Reproduce code:
---------------
            $ssh2 = $this->Connect($host);
            @ssh2_scp_send($ssh2, $from, $path1.basename($from));
            @ssh2_scp_send($ssh2, $from, $path2.basename($from));
            @ssh2_scp_send($ssh2, $from, $path3.basename($from));
            @ssh2_scp_send($ssh2, $from, $path4.basename($from));


Expected result:
----------------
Segmentation fault

Actual result:
--------------
Segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-02-28 17:25 UTC] me at bereal dot ru

Program received signal SIGSEGV, Segmentation fault.
0x081d7c07 in _efree (ptr=0x836b85d) at /usr/local/src/php-5.0.2/Zend/zend_alloc.c:281
281             REMOVE_POINTER_FROM_LIST(p);
(gdb) bt
#0  0x081d7c07 in _efree (ptr=0x836b85d) at /usr/local/src/php-5.0.2/Zend/zend_alloc.c:281
#1  0x0813466d in php_ssh2_free_cb (ptr=0x6174732d, abstract=0x836b6ec) at /usr/local/src/php-5.0.2/ext/ssh2/ssh2.c:68
#2  0x40052a1e in libssh2_comp_method_zlib_comp (session=0x836b6ec, compress=0, dest=0x6174732d, dest_len=0x6174732d, payload_limit=40000, 
    free_dest=0x6174732d, src=0x6174732d <Address 0x6174732d out of bounds>, src_len=7566708, abstract=0x6174732d) at comp.c:223
#3  0x40059a2f in libssh2_packet_read (session=0x836b6ec, should_block=0) at packet.c:695
#4  0x40059d19 in libssh2_packet_ask_ex (session=0x836b6ec, packet_type=99 'c', data=0x6174732d, data_len=0x6174732d, match_ofs=1, match_buf=0xbfff9fa8 "", 
    match_len=4, poll_socket=1) at packet.c:787
#5  0x400515d6 in libssh2_channel_process_startup (channel=0x83beedc, request=0x6174732d <Address 0x6174732d out of bounds>, request_len=4, 
    message=0x8357484 "scp -pt /vhosts/test/htdocs/synchronizer/test3/newser/0000001070902835.txt", message_len=75) at channel.c:704
#6  0x4005a9c0 in libssh2_scp_send_ex (session=0x836b6ec, path=0x83573bc "/vhosts/test/htdocs/synchronizer/test3/newser/0000001070902835.txt", 
    mode=1635021613, size=1635021613, mtime=1109608206, atime=1070956777) at scp.c:358
#7  0x08138d46 in zif_ssh2_scp_send (ht=3, return_value=0x83705ac, this_ptr=0x0, return_value_used=0)
    at /usr/local/src/php-5.0.2/ext/ssh2/ssh2_fopen_wrappers.c:965
#8  0x08225434 in zend_do_fcall_common_helper (execute_data=0xbfffcce0, opline=0x83680f0, op_array=0x8361c14)
    at /usr/local/src/php-5.0.2/Zend/zend_execute.c:2711
#9  0x08225798 in zend_do_fcall_handler (execute_data=0xbfffcce0, opline=0x83680f0, op_array=0x6174732d)
    at /usr/local/src/php-5.0.2/Zend/zend_execute.c:2843
#10 0x08213418 in execute (op_array=0x8361c14) at /usr/local/src/php-5.0.2/Zend/zend_execute.c:1400
#11 0x08224f05 in zend_do_fcall_common_helper (execute_data=0xbfffd4e0, opline=0x835adfc, op_array=0x8353cdc)
    at /usr/local/src/php-5.0.2/Zend/zend_execute.c:2740
#12 0x08225671 in zend_do_fcall_by_name_handler (execute_data=0x737574, opline=0x6174732d, op_array=0x6174732d)
    at /usr/local/src/php-5.0.2/Zend/zend_execute.c:2825
#13 0x08213418 in execute (op_array=0x8353cdc) at /usr/local/src/php-5.0.2/Zend/zend_execute.c:1400
#14 0x081f0151 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /usr/local/src/php-5.0.2/Zend/zend.c:1060
#15 0x081b2ddf in php_execute_script (primary_file=0xbffff9a0) at /usr/local/src/php-5.0.2/main/main.c:1629
#16 0x0822e9f5 in main (argc=2, argv=0xbffffa24) at /usr/local/src/php-5.0.2/sapi/cli/php_cli.c:943
#17 0x40252912 in __libc_start_main () from /lib/i686/libc.so.6

[2005-02-28 17:56 UTC] pollita@php.net

I *think* I've identified the bug in libssh2 (try the next release when it comes out), for now you can avoid this bug by disabling compression.

$methods = array('client_to_server'=>array('comp'=>'none'),'server_to_client'=>array('comp'=>'none'));

$connection = ssh2_connect($host, $post, $methods);

[2005-02-28 19:47 UTC] pollita@php.net

This bug system is for bugs in core PHP.   The ssh2 extension is a PECL project so reporting of this bug probably should have started with http://pecl.php.net/bugs/

Of course, beyond that the actual problem is in libssh2 which is a sourceforge.net project so it *really* belongs in that bug system.

Sorry it's so convoluted, but there are a fair number of cooks in the kitchen.

I will continue to work on the libssh2 bug despite closing this report.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Apr 20 04:01:28 2024 UTC