|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59009 Static buffer is freed when using ssh2_auth_none, causing memory corruption
Submitted: 2009-12-25 10:02 UTC Modified: 2011-09-21 15:10 UTC
From: piopawlu at poczta dot onet dot pl Assigned:
Status: Closed Package: ssh2 (PECL)
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
 [2009-12-25 10:02 UTC] piopawlu at poczta dot onet dot pl
As stated in the libssh2 documentation buffer returned from libssh2_userauth_list is handled internally by the library and must not be freed using the efree() method. Freeing this buffer causes internal memory corruption which results in terminating mysql connection for instance and some times a segmentation fault. The efree call should be removed to fix it.

Info about the buffer:

Reproduce code:
Index: ssh2.c
--- ssh2.c      (wersja 292624)
+++ ssh2.c      (kopia robocza)
@@ -596,7 +596,6 @@
        if (strlen(s)) {
                add_next_index_string(return_value, s, 1);
-       efree(methods);
 /* }}} */


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-09-21 15:10 UTC]
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on

In case this was a website problem, the change will show
up on the website in short time.
Thank you for the report, and for helping us make PECL better.

PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sun Dec 03 11:01:27 2023 UTC