From: Operating system: All PHP version: 5.3.8 Package: FTP related Bug Type: Bug Bug description:Bug resulting in out of sync ftp responses
Description: ------------ Our servers make several hundred FTP-connections via PHP every day. About one out of every thousand connections PHP throws a warning with a server-response that is not even related to the executed command. I've looked into the sourcecode and found a bug in the core of the ftp extension. This bug appears whenever the ftp-server sends an extra response that PHP was not expecting, resulting in the response-buffer permanently running out of sync. Because of this, PHP will keep reading the wrong response lines (and thus often receiving the wrong ftp status codes) and will report most ftp commands as failed after this. Looking at different complaints scatterred across the internet about receiving unexpected responses from the PHP FTP extension after receiving 1 warning, this bug has been bugging people for quite some time now. Some of the current ftp- bugreports are a direct result of this bug. Bugfix: Clearing the 'extra' buffer object from the last response, before sending a new command. # diff -urN ftp_old.c ftp.c --- ftp_old.c 2011-11-01 00:28:05.000000000 +0100 +++ ftp.c 2011-11-01 00:29:29.000000000 +0100 @@ -1122,6 +1122,9 @@ data = ftp->outbuf; + /* Clear the extra-lines buffer */ + ftp->extra = NULL; + if (my_send(ftp, ftp->fd, data, size) != size) { return 0; } Test script: --------------- How to reproduce: Let the ftp-server send an extra (unexpected) server response, or simulate one: diff -urN ftp_old.c ftp.c --- ftp_old.c 2011-11-01 00:28:05.000000000 +0100 +++ ftp.c 2011-11-01 01:07:34.000000000 +0100 @@ -1294,6 +1294,19 @@ #if HAVE_OPENSSL_EXT } #endif + + /* Simulate an extra unexpected server command + in this case right after entering passive mode (code 227) */ + char cmd[] = "200 OK.\n"; + if (nr_bytes > 0) + { + if (!strncmp(buf, "227 ", 4)) + { + strcat(ftp->inbuf, cmd); + nr_bytes += sizeof(cmd)-1; + } + } + return (nr_bytes); } /* }}} */ Expected result: ---------------- Expected result: A warning. Actual result: -------------- Actual result: A warning, but all commands followed by the last one are running out of sync/failing. Also the warning thrown shows the wrong server response since the buffer is running out of sync. -- Edit bug report at https://bugs.php.net/bug.php?id=60183&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=60183&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=60183&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=60183&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=60183&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=60183&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=60183&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=60183&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=60183&r=needscript Try newer version: https://bugs.php.net/fix.php?id=60183&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=60183&r=support Expected behavior: https://bugs.php.net/fix.php?id=60183&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=60183&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=60183&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=60183&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=60183&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=60183&r=dst IIS Stability: https://bugs.php.net/fix.php?id=60183&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=60183&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=60183&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=60183&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=60183&r=mysqlcfg