php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68023 Segfault authenticating to servers that do not support authentication
Submitted: 2014-09-16 00:41 UTC Modified: 2015-07-15 07:36 UTC
Votes:1
Avg. Score:2.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: felipe at weckx dot net Assigned: langemeijer (profile)
Status: Closed Package: ssh2 (PECL)
PHP Version: 5.6.0 OS: Linux 3.16.2-1
Private report: No CVE-ID: None
 [2014-09-16 00:41 UTC] felipe at weckx dot net
Description:
------------
Some simpler devices (e.g. older Cisco Devices, Dell SonicWall firewalls, Motorola RFS 7000 switches) implement the SSH service without any authentication (they show a prompt after the connection is established). If a ssh2_auth_password or ssh2_auth_agent is called on a connection to one of these devices a segfault occurs because libssh2_userauth_list returns NULL.

The problem can be prevented by calling ssh2_auth_none and checking if the return value is TRUE, but I believe the ssh2_auth_password should fail gracefully.

Test script:
---------------
$host = '95.215.46.98';
$port = 2200;
$conn = ssh2_connect($host, $port);
if (!$conn) {
        echo "Error connecting to '{$host}:{$port}'\n";
        die(1);
}
echo "Connected to '{$host}:{$port}'. Trying password authentication\n";
ssh2_auth_password($conn, 'test', 'test');
echo "OK\n";


Expected result:
----------------
Connected to '95.215.46.98:2200'. Trying password authentication
Segmentation fault (core dumped)



Patches

ssh2-auth-none-segfault-fix (last revision 2014-09-16 00:41 UTC by felipe at weckx dot net)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-07-15 07:36 UTC] langemeijer@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: langemeijer
 [2015-07-15 07:36 UTC] langemeijer@php.net
Patch is merged into git.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Thu Nov 26 10:01:25 2020 UTC