php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #36559 ldap_search Causes Access Violation
Submitted: 2006-02-28 16:16 UTC Modified: 2006-06-14 16:34 UTC
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:1 of 2 (50.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: joseph dot r dot gruber at lmco dot com Assigned:
Status: Not a bug Package: LDAP related
PHP Version: 5.1.2 OS: Windows 2000 SP4
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2006-02-28 16:16 UTC] joseph dot r dot gruber at lmco dot com 
Description:
------------
When attempting to search a Windows 2000 Active Directory via LDAP, PHP will crash with an Access Violation.  This will only occur during certain (reproducible) LDAP queries.  For example:

Works: 
$s = ldap_search($conn,"DC=u,DC=contoso,DC=com","(&(objectCategory=group)(name=group.name.domain))",array("cn","samaccountname"));

Doesn't Work:
$s = ldap_search($conn,"DC=u,DC=contoso,DC=com","(&(objectCategory=group)(name=group.name.domain2))",array("cn","samaccountname"));

Where the only difference is in the filter.

Server: IIS 5.1 on Windows 2000 with PHP 5.1.2.  Attempted 5.1.3 (latest snapshot) and issue still occurs.

Reproduce code:
---------------
<?
$conn = ldap_connect("rootdc.contoso.com");
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

$bind = ldap_bind($conn, "user@contoso.com", "paSSw0rd");

$filter = "(&(objectCategory=group)(name=group.name.domain2))";
$fields = array("member","cn","description","distinguishedname","objectcategory","samaccountname","canonicalname");
$search = ldap_search($conn,"DC=u,DC=contoso,DC=com",$filter,$fields);

$entries = ldap_get_entries($conn, $search);

var_dump($entries);
?>

Expected result:
----------------
Expected to return fields listed in the $fields array in the $entries array.

Actual result:
--------------
The page load terminates and reports: "PHP has encountered an Access Violation at 01CE5CE6"

Backtrace (NOTE: php.exe used for debugging.  Normally use IIS5.1 w/php5isapi.dll):

Unhandled exception in php.exe (PHP_LDAP.dll): 0xC0000005: Access Violation

Call Stack:
PHP_LDAP! 00f95ce6()

Disassembly:
00F95CE6   mov   eax,dword ptr [esi+18h]

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-02-28 16:24 UTC] joseph dot r dot gruber at lmco dot com 
Updated Backtrace:

PHP_LDAP! ldap_result + 822 bytes
PHP_LDAP! ldap_result + 79 bytes
PHP_LDAP! ldap_sasl_bind_s + 152 bytes
PHP_LDAP! ldap_simple_bind_s + 108 bytes
PHP_LDAP! ldap_bind_s + 75 bytes
PHP_LDAP! ldap_new_connection + 458 bytes
PHP_LDAP! ldap_send_server_request + 132 bytes
PHP_LDAP! ldap_chase_v3referrals + 462 bytes
PHP_LDAP! ldap_result + 1659 bytes
PHP_LDAP! ldap_result + 874 bytes
PHP_LDAP! ldap_result + 79 bytes
PHP_LDAP! ldap_sasl_bind_s + 152 bytes
PHP_LDAP! ldap_simple_bind_s + 108 bytes
PHP_LDAP! ldap_bind_s + 75 bytes
PHP_LDAP! ldap_new_connection + 458 bytes
PHP_LDAP! ldap_send_server_request + 132 bytes
PHP_LDAP! ldap_chase_v3referrals + 462 bytes
PHP_LDAP! ldap_result + 1659 bytes
PHP_LDAP! ldap_result + 874 bytes
PHP_LDAP! ldap_result + 79 bytes
PHP_LDAP! ldap_sasl_bind_s + 152 bytes
PHP_LDAP! ldap_simple_bind_s + 108 bytes
PHP_LDAP! ldap_bind_s + 75 bytes
PHP_LDAP! ldap_new_connection + 458 bytes
PHP_LDAP! ldap_send_server_request + 132 bytes
PHP_LDAP! ldap_chase_v3referrals + 462 bytes
PHP_LDAP! ldap_result + 1659 bytes
PHP_LDAP! ldap_result + 874 bytes
PHP_LDAP! ldap_result + 79 bytes
PHP_LDAP! ldap_search_s + 67 bytes
php_ldap_do_search(int 0x00f92325, _zval_struct * 0x00d411f4, _zval_struct * * 0x00d4dc18, _zval_struct * 0x00000000, int 0x00000000, void * * * 0x00000001, int 0x00ba24c0) line 874 + 37 bytes
zif_ldap_search(int 0x00000004, _zval_struct * 0x00d4dc18, _zval_struct * * 0x00000000, _zval_struct * 0x00000000, int 0x00000001, void * * * 0x00ba24c0) line 925 + 37 bytes
PHP5TS! 10018f02()
 [2006-03-02 15:32 UTC] joseph dot r dot gruber at lmco dot com 
Update:  This issue is occuring in the 5.1.x-dev snap as well as the 6.0-dev snap.

The issue also only occurs on Windows 2000.  It does not occur on Windows 2003 nor Windows XP.
 [2006-06-14 16:34 UTC] sniper@php.net 
There's something wrong with your win2k system. No bug, works fine for me.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Fri May 03 22:01:33 2024 UTC