#46695 [Opn]: fread for ssh2 streams core dumps for non-blocking channels

Thu, 27 Nov 2008 02:11:57 -0800 

 ID:               46695
 User updated by:  borchinfolab at gmail dot com
 Reported By:      borchinfolab at gmail dot com
 Status:           Open
 Bug Type:         Reproducible crash
 Operating System: FC9
 PHP Version:      5.3CVS-2008-11-27 (snap)
 New Comment:

I actually changed the php_ssh2_channel_stream_read() function in
ssh2-0.10:

static size_t php_ssh2_channel_stream_read(php_stream *stream, char
*buf, size_t count TSRMLS_DC)
{
   php_ssh2_channel_data *abstract =
(php_ssh2_channel_data*)stream->abstract;

   stream->eof = libssh2_channel_eof(abstract->channel);
   libssh2_channel_set_blocking(abstract->channel,
abstract->is_blocking);
   int res = libssh2_channel_read_ex(abstract->channel,
abstract->streamid, buf, count);
   return(res < 0 ? 0 : res);
}

It might still be an error in fread though - it should perhaps ensure
that return values are postive ints?


Previous Comments:
------------------------------------------------------------------------

[2008-11-27 09:57:31] borchinfolab at gmail dot com

Description:
------------
fread() fails (core dumps) for ssh2 streams.

I have checked the libssh2 library by writing a small C program, and it
seems to handle non-blocking channels correct.

The stream read command (libssh2_channel_read_ex) does return -37 for
non-blocking channels where there are no pending bytes. This "error"
might be reason for the core dump? 

Not sure if the correct place to fix this is in the fread() function or
the php_ssh2_channel_stream_read() function by preventing it from
returning a negative number (libssh2).

The ssh2 pecl package does not compile under php 5.3 (I belive this is
a error in the package and not in php-headers - I've managed to fix this
though, so it does compile)


Reproduce code:
---------------
#!/usr/bin/php
<?php

$connection = ssh2_connect(SERVER_NAME, 22,
array('hostkey'=>'ssh-rsa'));
if(ssh2_auth_pubkey_file($connection, USERNAME, ID_PUB, ID_RSA, '')) {
   $stream = ssh2_exec($connection, "ps -elf");
   # stream_set_blocking($stream, false); THIS DOSN'T WORK
   stream_set_blocking($stream, true); // THIS WORKS

   while(!feof($stream)) {
      $buf = fread($stream, 1024);
      echo ">$buf\n";
   }
}

?>

Expected result:
----------------
No core dump

Actual result:
--------------
Core dump


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=46695&edit=1

Reply via email to