php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #70465 Bug in ldap_search() modifies LDAP_OPT_TIMELIMIT/DEREF's values
Submitted: 2015-09-09 01:58 UTC Modified: 2015-09-09 09:34 UTC
From: tandre at ifwe dot co Assigned: mcmic (profile)
Status: Closed Package: LDAP related
PHP Version: 5.5.29 OS: All
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tandre at ifwe dot co
New email:
PHP Version: OS:

 

 [2015-09-09 01:58 UTC] tandre at ifwe dot co 
Description:
------------
LDAP_OPT_TIMELIMIT and LDAP_OPT_DEREF's original values weren't
saved properly because of a bug introduced when copy and pasting.

This lead to the original timeout being changed
when specifying a temporary override (e.g. for ldap_search(..., $timeout))

(Discovered on PHP-5.6.12 on Centos 6.5, using openLDAP libraries)
(Fixed in https://github.com/php/php-src/pull/1512)
(PHP-5.5 and 5.4 are also affected, but a separate patch would be needed for 5.4 because of merge conflicts)

Test script:
---------------
https://github.com/TysonAndre/php-src/blob/ldap-fix-saving-timeout-and-dereference/ext/ldap/tests/ldap_search_overrides.phpt

It can be simplified to:

$link = ldap_connect($host);
ldap_set_option($link, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING);
ldap_set_option($link, LDAP_OPT_SIZELIMIT, 123);
ldap_set_option($link, LDAP_OPT_TIMELIMIT, 33);
ldap_search($link, $base, $filter, array(), null, 111, 222, LDAP_DEREF_NEVER);
var_dump(
    ldap_get_option($link, LDAP_OPT_DEREF, $option),
    $option,
    ldap_get_option($link, LDAP_OPT_SIZELIMIT, $option),
    $option,
    ldap_get_option($link, LDAP_OPT_TIMELIMIT, $option),
    $option
);


Expected result:
----------------
After executing ldap_search with overrides, I expect ldap_get_option to return the original values of LDAP_OPT_TIMELIMIT and LDAP_OPT_DEREF set by ldap_set_option.

Actual result:
--------------
The value of ldap_get_option($link, LDAP_OPT_DEREF, $option) was clobbered by the $sizelimit override (111)
The value of ldap_get_option($link, LDAP_OPT_TIMELIMIT, $option) was clobbered by the $sizelimit override (111).

Patches

ldap-fix-saving-timeout-and-dereference (last revision 2015-09-09 01:59 UTC by tandre at ifwe dot co)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-09-09 09:34 UTC] mcmic@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: mcmic
 [2015-09-09 09:34 UTC] mcmic@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Fixed in PHP-5.6 and master (see https://github.com/php/php-src/pull/1512 )
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 14:01:29 2024 UTC