1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
Adapted for 1.0 from:
From 17680cf039f0cfac53b5a2531fdb715b95e9cc42 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Thu, 10 Nov 2016 09:16:02 +0100
Subject: [PATCH] fix for PHP 7.0.13 where php_url_parse fails
---
ssh2_fopen_wrappers.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/ssh2_fopen_wrappers.c b/ssh2_fopen_wrappers.c
index c8d1d07..17444dc 100644
--- a/ssh2_fopen_wrappers.c
+++ b/ssh2_fopen_wrappers.c
@@ -213,10 +213,19 @@
php_url *resource;
zval *methods = NULL, *callbacks = NULL, zsession, *tmpzval;
long resource_id;
- char *s, *username = NULL, *password = NULL, *pubkey_file = NULL, *privkey_file = NULL;
+ char *h, *s, *username = NULL, *password = NULL, *pubkey_file = NULL, *privkey_file = NULL;
int username_len = 0, password_len = 0;
- resource = php_url_parse(path);
+ h = strstr(path, "Resource id #");
+ if (h) {
+ /* Starting with 5.6.28, 7.0.13 need to be clean, else php_url_parse will fail */
+ char *tmp = estrdup(path);
+ strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp));
+ resource = php_url_parse(tmp);
+ efree(tmp);
+ } else {
+ resource = php_url_parse(path);
+ }
if (!resource || !resource->path) {
return NULL;
}
@@ -247,9 +256,6 @@
/* Look for a resource ID to reuse a session */
s = resource->host;
- if (strncmp(resource->host, "Resource id #", sizeof("Resource id #") - 1) == 0) {
- s = resource->host + sizeof("Resource id #") - 1;
- }
if (is_numeric_string(s, strlen(s), &resource_id, NULL, 0) == IS_LONG) {
php_ssh2_sftp_data *sftp_data;
--
2.1.4
From 756e2f1369f2d5ff006222d978806f4fd91659e1 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@php.net>
Date: Thu, 10 Nov 2016 09:33:25 +0100
Subject: [PATCH] fix Invalid write of size 1
---
ssh2_fopen_wrappers.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ssh2_fopen_wrappers.c b/ssh2_fopen_wrappers.c
index 17444dc..ffbd6e3 100644
--- a/ssh2_fopen_wrappers.c
+++ b/ssh2_fopen_wrappers.c
@@ -220,7 +220,8 @@ php_url *php_ssh2_fopen_wraper_parse_path(const char *path, char *type, php_stre
if (h) {
/* Starting with 5.6.28, 7.0.13 need to be clean, else php_url_parse will fail */
char *tmp = estrdup(path);
- strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp));
+
+ strncpy(tmp + (h-path), h + sizeof("Resource id #")-1, strlen(tmp)-sizeof("Resource id #"));
resource = php_url_parse(tmp);
efree(tmp);
} else {
--
2.1.4
|
