diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 346dca92..25b7b9c0 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -2683,6 +2683,11 @@ class Net_SSH2 $buffer = ''; while ($remaining_length > 0) { $temp = fread($this->fsock, $remaining_length); + if ($temp === false || feof($this->fsock)) { + user_error('Error reading from socket'); + $this->bitmap = 0; + return false; + } $buffer.= $temp; $remaining_length-= strlen($temp); } @@ -2696,7 +2701,11 @@ class Net_SSH2 if ($this->hmac_check !== false) { $hmac = fread($this->fsock, $this->hmac_size); - if ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { + if ($hmac === false || strlen($hmac) != $this->hmac_size) { + user_error('Error reading socket'); + $this->bitmap = 0; + return false; + } elseif ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { user_error('Invalid HMAC'); return false; }