[php-maint] Bug#848632: Bug#848632: php5: Segmentation fault when connecting via SSH2 file wrapper

Ondřej Surý ondrej at sury.org
Mon Dec 19 13:21:58 UTC 2016 

Control: reassign -1 php5-ssh2

This is in fact a bug in ssh2. As a temporary workaround you can install
ssh2=0.13 from PECL.

I'll prepare fixed php5-ssh2 package in Debian meanwhile.

Cheers,
-- 
Ondřej Surý <ondrej at sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware,
fast DNS(SEC) resolver
Vše pro chleba (https://vseprochleba.cz) – Mouky ze mlýna a potřeby pro
pečení chleba všeho druhu

On Mon, Dec 19, 2016, at 03:58, Richard Oakham wrote:
> Package: php5-common
> Version: 5.6.27+dfsg-0+deb8u1
> Severity: grave
> Justification: renders package unusable
> 
> PHP on 5.6.28 or 5.6.29 segfaults when attempting to open a directory
> over SSH2 having successfully authenticted. Connects successfully and
> works on 5.6.27.
> 
> Minimal code example:
> 
> $conn=ssh2_connect('**server**',22);
> $username = '**username**';
> $password = '**password**';
> $ssh2check=ssh2_auth_password($conn,$username,$password);
> unset($username);
> unset($password);
> if (!$ssh2check) die ("Unable to connect with supplied credentials.");
> $sftp = ssh2_sftp($conn);
> echo "Done connection\n";
> $handle = opendir("ssh2.sftp://$sftp/SSHUsersPath/Other Files/.");
> 
> Segfaults when the opendir is attempted
> 
> Stack trace:
> 
> #0  __strstr_sse2_unaligned () at
> ../sysdeps/x86_64/multiarch/strstr-sse2-unaligned.S:22
> #1  0x00007ffff2555e30 in php_ssh2_fopen_wraper_parse_path () from
> /usr/lib/php5/20131226/ssh2.so
> #2  0x00007ffff255846d in ?? () from /usr/lib/php5/20131226/ssh2.so
> #3  0x00000000006af320 in _php_stream_opendir ()
> #4  0x0000000000616c76 in ?? ()
> #5  0x000000000054b048 in ?? ()
> #6  0x00000000006e7eba in dtrace_execute_internal ()
> #7  0x00000000007a88a0 in ?? ()
> #8  0x0000000000736bf0 in execute_ex ()
> #9  0x00000000006e7d58 in dtrace_execute_ex ()
> #10 0x00000000006fa940 in zend_execute_scripts ()
> #11 0x0000000000695b60 in php_execute_script ()
> #12 0x00000000007aa85b in ?? ()
> #13 0x0000000000462c0d in main ()
> 
> Replicated on multiple machines.
> 
> -- Package-specific info:
> ==== Additional PHP 5 information ====
> 
> ++++ PHP 5 SAPI (php5query -S): ++++
> cli
> apache2
> 
> ++++ PHP 5 Extensions (php5query -M -v): ++++
> apcu (Enabled for cli by maintainer script)
> apcu (Enabled for apache2 by maintainer script)
> pdo_mysql (Enabled for cli by maintainer script)
> pdo_mysql (Enabled for apache2 by maintainer script)
> readline (Enabled for cli by maintainer script)
> readline (Enabled for apache2 by maintainer script)
> curl (Enabled for cli by maintainer script)
> curl (Enabled for apache2 by maintainer script)
> intl (Enabled for cli by maintainer script)
> intl (Enabled for apache2 by maintainer script)
> mysql (Enabled for cli by maintainer script)
> mysql (Enabled for apache2 by maintainer script)
> mysqli (Enabled for cli by maintainer script)
> mysqli (Enabled for apache2 by maintainer script)
> json (Enabled for cli by maintainer script)
> json (Enabled for apache2 by maintainer script)
> mysqlnd (Enabled for cli by maintainer script)
> mysqlnd (Enabled for apache2 by maintainer script)
> pdo (Enabled for cli by maintainer script)
> pdo (Enabled for apache2 by maintainer script)
> xdebug (Enabled for cli by maintainer script)
> xdebug (Enabled for apache2 by maintainer script)
> opcache (Enabled for cli by maintainer script)
> opcache (Enabled for apache2 by maintainer script)
> gd (Enabled for cli by maintainer script)
> gd (Enabled for apache2 by maintainer script)
> mcrypt (Enabled for cli by maintainer script)
> mcrypt (Enabled for apache2 by maintainer script)
> 
> ++++ Configuration files: ++++
> **** /etc/php5/mods-available/pdo.ini ****
> extension=pdo.so
> 
> **** /etc/php5/mods-available/opcache.ini ****
> zend_extension=opcache.so
> 
> 
> -- System Information:
> Debian Release: 8.6
>   APT prefers testing
>   APT policy: (1000, 'testing'), (1000, 'stable'), (995, 'stable'), (750,
>   'testing'), (500, 'stable-updates')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages php5 depends on:
> ii  libapache2-mod-php5  5.6.27+dfsg-0+deb8u1
> ii  php5-common          5.6.27+dfsg-0+deb8u1
> 
> php5 recommends no packages.
> 
> php5 suggests no packages.
> 
> Versions of packages php5-common depends on:
> ii  libc6   2.19-18+deb8u3
> ii  lsof    4.86+dfsg-1
> ii  psmisc  22.21-2
> ii  sed     4.2.2-4+b1
> ii  ucf     3.0030
> 
> Versions of packages php5-common suggests:
> ii  php5-apcu [php5-user-cache]  4.0.7-1
> 
> -- no debconf information
> 
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint

More information about the pkg-php-maint mailing list