|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #62376 Segmentation Fault with keyboard-interactive auth
Submitted: 2012-06-20 21:23 UTC Modified: 2012-06-21 07:08 UTC
From: brak at gameservers dot com Assigned: langemeijer (profile)
Status: Closed Package: ssh2 (PECL)
PHP Version: 5.3.14 OS: CentOS 6.2
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: brak at gameservers dot com
New email:
PHP Version: OS:


 [2012-06-20 21:23 UTC] brak at gameservers dot com
I'm seeing a segmentation fault when I try to connect and authenticate to a 
that only supports keyboard-interactive auth.  

I applied 
v0.11.3 of the code.

I see this crash every time, I believe I've traced it down to this line:

// line below does NOT estrdup() because it is used and freed by the libssh2 
responses[0].text = strdup(password_for_kbd_callback);

Later on, that response gets cleaned up by a LIBSSH2_FREE call, which ultimately 
calls efree().  I believe this crash is occurring because estrdup was not used.  
If I switch that line to use estrdup, the crash ceases.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2012-06-21 07:06 UTC]
Automatic comment from SVN on behalf of langemeijer
Log: Use estrdup() to fix bug #62376
 [2012-06-21 07:08 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: langemeijer
 [2012-06-21 07:08 UTC]
Thank you that you took some time to test this!

Change is committed in SVN.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Sep 22 16:01:24 2023 UTC