Debian Trixie + PHP-SSH2 segfault with ecdsa key auth #84
Description
PHP CLI program using the PHP-SSH2 package; after upgrading to Trixie, SSH authentication stopped working.
I’m using an ECDSA key. On successful auth the process crashes with a segfault or with free(): invalid pointer.
If I use an RSA key, it doesn’t crash.
To Reproduce
PHP code:
$c=ssh2_connect('10.168.168.192',22);
$K['ecdsa']['priv'] = '/tmp/test/id_ecdsa.pem';
$K['ecdsa']['pub'] = '/tmp/test/id_ecdsa.pub';
$K['rsa']['priv'] = '/tmp/test/id_rsa.pem';
$K['rsa']['pub'] = '/tmp/test/id_rsa.pub';
$T1 = 'ecdsa';
$T2 = 'pub';
$c=ssh2_connect('10.168.168.192',22);
var_dump(ssh2_auth_pubkey_file($c,'datatransbackup',$K[$T1][$T2],$K[$T1]['priv'],''));
Result with ecdsa:
php8.4 x.php
free(): invalid pointer
Félbeszakítva
Result with rsa:
php x.php
bool(true)
The ecdsa key is good:
ssh datatransbackup@10.168.168.192 -i /tmp/test/id_ecdsa.pem
Linux vs192-XXXX 6.14.11-1-pve #1 SMP PREEMPT_DYNAMIC PMX 6.14.11-1 (2025-08-26T16:06Z) x86_64
Last login: Thu Sep 11 07:35:34 2025 from 10.168.168.190
datatransbackup@vs192-XXXX:~$ exit
OS: Debian
Architecture: amd64
Repository: packages.sury.org
apt-cache policy php-ssh2
php-ssh2:
Telepítve: 1.4.1-4+020250508.35+debian131.gbpe1c6bc
Jelölt: 1.4.1-4+020250508.35+debian131.gbpe1c6bc
Verziótáblázat:
*** 1.4.1-4+020250508.35+debian131.gbpe1c6bc 500
500 https://packages.sury.org/php trixie/main amd64 Packages
100 /var/lib/dpkg/status
1.4.1-4 500
500 http://deb.debian.org/debian trixie/main amd64 Packages
dpkg --list | grep libssh2
ii libssh2-1-dev:amd64 1.11.1-1 amd64 SSH2 client-side library (development headers)
ii libssh2-1t64:amd64 1.11.1-1 amd64 SSH2 client-side library
ii php-ssh2 1.4.1-4+020250508.35+debian131.gbpe1c6bc all Bindings for the libssh2 library
ii php8.2-ssh2 1.4.1-4+020250508.35+debian131.gbpe1c6bc amd64 Bindings for the libssh2 library
ii php8.4-ssh2 1.4.1-4+020250508.35+debian131.gbpe1c6bc amd64 Bindings for the libssh2 library
php --ri ssh2
ssh2
SSH2 support => enabled
extension version => 1.4.1
libssh2 version => 1.11.1
banner => SSH-2.0-libssh2_1.11.1