Adapted for 1.0 from:


From 17680cf039f0cfac53b5a2531fdb715b95e9cc42 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Thu, 10 Nov 2016 09:16:02 +0100
Subject: [PATCH] fix for PHP 7.0.13 where php_url_parse fails

---
 ssh2_fopen_wrappers.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/ssh2_fopen_wrappers.c b/ssh2_fopen_wrappers.c
index c8d1d07..17444dc 100644
--- a/ssh2_fopen_wrappers.c
+++ b/ssh2_fopen_wrappers.c
@@ -213,10 +213,19 @@
 	php_url *resource;
 	zval *methods = NULL, *callbacks = NULL, zsession, *tmpzval;
 	long resource_id;
-	char *s, *username = NULL, *password = NULL, *pubkey_file = NULL, *privkey_file = NULL;
+	char *h, *s, *username = NULL, *password = NULL, *pubkey_file = NULL, *privkey_file = NULL;
 	int username_len = 0, password_len = 0;
 
-	resource = php_url_parse(path);
+	h = strstr(path, "Resource id #");
+	if (h) {
+		/* Starting with 5.6.28, 7.0.13 need to be clean, else php_url_parse will fail */
+		char *tmp = estrdup(path);
+		strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp));
+		resource = php_url_parse(tmp);
+		efree(tmp);
+	} else {
+		resource = php_url_parse(path);
+	}
 	if (!resource || !resource->path) {
 		return NULL;
 	}
@@ -247,9 +256,6 @@
 
 	/* Look for a resource ID to reuse a session */
 	s = resource->host;
-	if (strncmp(resource->host, "Resource id #", sizeof("Resource id #") - 1) == 0) {
-		s = resource->host + sizeof("Resource id #") - 1;
-	}
 	if (is_numeric_string(s, strlen(s), &resource_id, NULL, 0) == IS_LONG) {
 		php_ssh2_sftp_data *sftp_data;
 
-- 
2.1.4

From 756e2f1369f2d5ff006222d978806f4fd91659e1 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Thu, 10 Nov 2016 09:33:25 +0100
Subject: [PATCH] fix Invalid write of size 1

---
 ssh2_fopen_wrappers.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ssh2_fopen_wrappers.c b/ssh2_fopen_wrappers.c
index 17444dc..ffbd6e3 100644
--- a/ssh2_fopen_wrappers.c
+++ b/ssh2_fopen_wrappers.c
@@ -220,7 +220,8 @@ php_url *php_ssh2_fopen_wraper_parse_path(const char *path, char *type, php_stre
 	if (h) {
 		/* Starting with 5.6.28, 7.0.13 need to be clean, else php_url_parse will fail */
 		char *tmp = estrdup(path);
-		strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp));
+
+		strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp)-sizeof("Resource id #"));
 		resource = php_url_parse(tmp);
 		efree(tmp);
 	} else {
-- 
2.1.4