php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57651 connecting to a open non-ssh port results in fatal error: out of memory
Submitted: 2007-05-07 05:59 UTC Modified: 2009-01-11 13:21 UTC
From: berdir@php.net Assigned:
Status: Closed Package: ssh2 (PECL)
PHP Version: 5.2.1 OS: Linux
Private report: No CVE-ID: None
 [2007-05-07 05:59 UTC] berdir@php.net
Description:
------------
When connecting to an open port and there runs something differen than a ssh server, php crashes with a out of memory fatal error:

Reproduce code:
---------------
$ssh2 = ssh2->connect('localhost', 80);

Expected result:
----------------
Warning: ssh2_connect(): Unable to connect to localhost on port 80

Actual result:
--------------
Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 1013478400 bytes)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-05-03 13:40 UTC] volkirik at yahoo dot com dot tr
this bug should be fixed but,,

maybe you can check port yourself:

<?php
function ssh_check($ip, $pt)
{
	$conn_timeout = 5; // connection timeout
	$resp_timeout = 3; // response timeout

	$fp = fsockopen($ip, $pt, $errno, $errstr, $conn_timeout);
	if (!$fp) {
		return null;
	} else {
		stream_set_blocking ($fp, true);
		stream_set_timeout($fp, $resp_timeout);
		fwrite($fp, 'TEST'."\n");
		sleep(1);
		$response = fgets($fp, 128);
		fclose($fp);

		//var_dump($response); // for testing

		if ( preg_match('#^SSH-2#i', $response) ) {
			return true;
		} else {
			return false;
		}
	}
}
?>
<?php
$host = 'localhost';
$port = 80;

if ( ssh_check($host, $port) == true ) {
	$ssh2=ssh2_connect($host, $port);
} else {
	die('bad ssh2 port');
}
?>
 [2008-05-09 11:19 UTC] volkirik at yahoo dot com dot tr
Use latest libSSH2 version to get a Warning:

PHP Warning:  ssh2_connect() [<a href='function.ssh2-connect'>function.ssh2-connect</a>]: Error starting up SSH connection(-5): Unable to exchange encryption keys in /root/con_test.php on line 11

You can patch libSSH2 to get more accurate Warning :

PHP Warning:  ssh2_connect() [<a href='function.ssh2-connect'>function.ssh2-connect</a>]: Error starting up SSH connection(-2): Timeout waiting for banner in /root/con_test.php on line 11

file : src/session.c
func : libssh2_banner_receive
line : 183 (version 0.18)

ADD:

	/* check remote banner */
	char *std_banner_head = "SSH-2.0";
	if (strstr((char *) session->remote.banner, std_banner_head)==NULL)
	{
		libssh2_error(session, LIBSSH2_ERROR_BANNER_NONE,
				"No SSH2 banner", 0);
		return LIBSSH2_ERROR_BANNER_NONE;
	}

IMPORTANT NOTE: LINE numbers and file names may be different in other libSSH2 versions..

----
Volkan K.
 [2008-05-19 16:23 UTC] volkirik at yahoo dot com dot tr
ADDITIONAL NOTE: This was related to a bug in LibSSH2 versions older than v0.18

* Satish Mittal and David J Sullivan fixed an infinit recv() loop in
 libssh2_banner_receive()
 [2009-01-11 13:21 UTC] mikesul@php.net
As noted, this has been addressed in the underlying library (and there's no other way to deal with it).
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Tue Nov 19 00:01:39 2019 UTC