octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-09-29 23:49:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

return early if fread() response is bool(false)

Browse Source
This commit is contained in:
terrafrost 2020-02-01 16:47:09 -06:00
parent 500e3225a8
commit c2be7e6480
5 changed files with 76 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
phpseclib/Crypt/Random.php
View File

@ -105,7 +105,10 @@ if (!function_exists('crypt_random_string')) {
$fp = @fopen('/dev/urandom', 'rb'); $fp = @fopen('/dev/urandom', 'rb');
} }
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
return fread($fp, $length); $temp = fread($fp, $length);
if (strlen($temp) != $length) {
return $temp;
}
} }
// method 3. pretty much does the same thing as method 2 per the following url: // method 3. pretty much does the same thing as method 2 per the following url:
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391

6
phpseclib/File/X509.php
View File

@ -2218,7 +2218,11 @@ class File_X509
} }
while (!feof($fsock)) { while (!feof($fsock)) {
$data.= fread($fsock, 1024); $temp = fread($fsock, 1024);
if ($temp === false) {
return false;
}
$data.= $temp;
} }
break; break;

3
phpseclib/Net/SSH1.php
View File

@ -1169,6 +1169,9 @@ class Net_SSH1
while ($length > 0) { while ($length > 0) {
$temp = fread($this->fsock, $length); $temp = fread($this->fsock, $length);
if (stlren($temp) != $length) {
return false;
}
$raw.= $temp; $raw.= $temp;
$length-= strlen($temp); $length-= strlen($temp);
} }

6
phpseclib/Net/SSH2.php
View File

@ -1252,7 +1252,11 @@ class Net_SSH2
$elapsed = strtok(microtime(), ' ') + strtok('') - $start; $elapsed = strtok(microtime(), ' ') + strtok('') - $start;
$this->curTimeout-= $elapsed; $this->curTimeout-= $elapsed;
} }
$temp.= fgets($this->fsock, 255); $subtemp = fgets($this->fsock, 255);
if ($subtemp === '' || $subtemp === false) {
return false;
}
$temp.= $subtemp;
} }
if (feof($this->fsock)) { if (feof($this->fsock)) {

66
phpseclib/System/SSH/Agent.php
View File

@ -263,22 +263,35 @@ class System_SSH_Agent_Identity
$packet = pack('Na*', strlen($packet), $packet); $packet = pack('Na*', strlen($packet), $packet);
if (strlen($packet) != fputs($this->fsock, $packet)) { if (strlen($packet) != fputs($this->fsock, $packet)) {
user_error('Connection closed during signing'); user_error('Connection closed during signing');
return false;
} }
$length = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed during signing');
return false;
}
$length = current(unpack('N', $temp));
$type = ord(fread($this->fsock, 1)); $type = ord(fread($this->fsock, 1));
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
user_error('Unable to retreive signature'); user_error('Unable to retreive signature');
return false;
} }
$signature_blob = fread($this->fsock, $length - 1); $signature_blob = fread($this->fsock, $length - 1);
if (strlen($signature_blob) != $length - 1) {
user_error('Connection closed during signing');
return false;
}
$length = current(unpack('N', $this->_string_shift($signature_blob, 4))); $length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
if ($length != strlen($signature_blob)) { if ($length != strlen($signature_blob)) {
user_error('Malformed signature blob'); user_error('Malformed signature blob');
return false;
} }
$length = current(unpack('N', $this->_string_shift($signature_blob, 4))); $length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
if ($length > strlen($signature_blob) + 4) { if ($length > strlen($signature_blob) + 4) {
user_error('Malformed signature blob'); user_error('Malformed signature blob');
return false;
} }
$type = $this->_string_shift($signature_blob, $length); $type = $this->_string_shift($signature_blob, $length);
$this->_string_shift($signature_blob, 4); $this->_string_shift($signature_blob, 4);
@ -406,7 +419,12 @@ class System_SSH_Agent
return array(); return array();
} }
$length = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed while requesting identities');
return array();
}
$length = current(unpack('N', $temp));
$type = ord(fread($this->fsock, 1)); $type = ord(fread($this->fsock, 1));
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) { if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
user_error('Unable to request identities'); user_error('Unable to request identities');
@ -414,14 +432,38 @@ class System_SSH_Agent
} }
$identities = array(); $identities = array();
$keyCount = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed while requesting identities');
return array();
}
$keyCount = current(unpack('N', $temp));
for ($i = 0; $i < $keyCount; $i++) { for ($i = 0; $i < $keyCount; $i++) {
$length = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed while requesting identities');
return array();
}
$length = current(unpack('N', $temp));
$key_blob = fread($this->fsock, $length); $key_blob = fread($this->fsock, $length);
if (strlen($key_blob) != $length) {
user_error('Connection closed while requesting identities');
return array();
}
$key_str = 'ssh-rsa ' . base64_encode($key_blob); $key_str = 'ssh-rsa ' . base64_encode($key_blob);
$length = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed while requesting identities');
return array();
}
$length = current(unpack('N', $temp));
if ($length) { if ($length) {
$key_str.= ' ' . fread($this->fsock, $length); $temp = fread($this->fsock, $length);
if (strlen($temp) != $length) {
user_error('Connection closed while requesting identities');
return array();
}
$key_str.= ' ' . $temp;
} }
$length = current(unpack('N', substr($key_blob, 0, 4))); $length = current(unpack('N', substr($key_blob, 0, 4)));
$key_type = substr($key_blob, 4, $length); $key_type = substr($key_blob, 4, $length);
@ -546,14 +588,24 @@ class System_SSH_Agent
if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) { if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
user_error('Connection closed attempting to forward data to SSH agent'); user_error('Connection closed attempting to forward data to SSH agent');
return false;
} }
$this->socket_buffer = ''; $this->socket_buffer = '';
$this->expected_bytes = 0; $this->expected_bytes = 0;
$agent_reply_bytes = current(unpack('N', fread($this->fsock, 4))); $temp = fread($this->fsock, 4);
if (strlen($temp) != 4) {
user_error('Connection closed while reading data response');
return false;
}
$agent_reply_bytes = current(unpack('N', $temp));
$agent_reply_data = fread($this->fsock, $agent_reply_bytes); $agent_reply_data = fread($this->fsock, $agent_reply_bytes);
if (strlen($agent_reply_data) != $agent_reply_bytes) {
user_error('Connection closed while reading data response');
return false;
}
$agent_reply_data = current(unpack('a*', $agent_reply_data)); $agent_reply_data = current(unpack('a*', $agent_reply_data));
return pack('Na*', $agent_reply_bytes, $agent_reply_data); return pack('Na*', $agent_reply_bytes, $agent_reply_data);