|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #60183 Bug resulting in out of sync ftp responses
Submitted: 2011-11-01 00:33 UTC Modified: 2011-11-01 15:16 UTC
From: bram at ebskamp dot me Assigned: rasmus (profile)
Status: Closed Package: FTP related
PHP Version: 5.3.8 OS: All
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
43 - 34 = ?
Subscribe to this entry?

 [2011-11-01 00:33 UTC] bram at ebskamp dot me
Our servers make several hundred FTP-connections via PHP every day. About one 
out of every thousand connections PHP throws a warning with a server-response 
that is not even related to the executed command.

I've looked into the sourcecode and found a bug in the core of the ftp 
extension. This bug appears whenever the ftp-server sends an extra response that 
PHP was not expecting, resulting in the response-buffer permanently running out 
of sync. Because of this, PHP will keep reading the wrong response lines (and 
thus often receiving the wrong ftp status codes) and will report most ftp 
commands as failed after this.

Looking at different complaints scatterred across the internet about receiving 
unexpected responses from the PHP FTP extension after receiving 1 warning, this 
bug has been bugging people for quite some time now. Some of the current ftp-
bugreports are a direct result of this bug.

Clearing the 'extra' buffer object from the last response, before sending a new 

# diff -urN ftp_old.c ftp.c
--- ftp_old.c   2011-11-01 00:28:05.000000000 +0100
+++ ftp.c       2011-11-01 00:29:29.000000000 +0100
@@ -1122,6 +1122,9 @@

        data = ftp->outbuf;

+       /* Clear the extra-lines buffer */
+       ftp->extra = NULL;
        if (my_send(ftp, ftp->fd, data, size) != size) {
                return 0;

Test script:
How to reproduce:
Let the ftp-server send an extra (unexpected) server response, or simulate one:

diff -urN ftp_old.c ftp.c
--- ftp_old.c   2011-11-01 00:28:05.000000000 +0100
+++ ftp.c       2011-11-01 01:07:34.000000000 +0100
@@ -1294,6 +1294,19 @@
+       /* Simulate an extra unexpected server command
+       in this case right after entering passive mode (code 227) */
+       char cmd[] = "200 OK.\n";
+       if (nr_bytes > 0)
+       {
+               if (!strncmp(buf, "227 ", 4))
+               {
+                       strcat(ftp->inbuf, cmd);
+                       nr_bytes += sizeof(cmd)-1;
+               }
+       }
        return (nr_bytes);
 /* }}} */

Expected result:
Expected result:
A warning.

Actual result:
Actual result:
A warning, but all commands followed by the last one are running out of 
sync/failing. Also the warning thrown shows the wrong server response since the 
buffer is running out of sync.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-11-01 15:15 UTC]
Automatic comment from SVN on behalf of rasmus
Log: Fix bug 60183
 [2011-11-01 15:16 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: rasmus
 [2011-11-01 15:16 UTC]
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at

 For Windows:
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun May 26 18:01:33 2024 UTC