|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #70465 Bug in ldap_search() modifies LDAP_OPT_TIMELIMIT/DEREF's values
Submitted: 2015-09-09 01:58 UTC Modified: 2015-09-09 09:34 UTC
From: tandre at ifwe dot co Assigned: mcmic (profile)
Status: Closed Package: LDAP related
PHP Version: 5.5.29 OS: All
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: tandre at ifwe dot co
New email:
PHP Version: OS:


 [2015-09-09 01:58 UTC] tandre at ifwe dot co
LDAP_OPT_TIMELIMIT and LDAP_OPT_DEREF's original values weren't
saved properly because of a bug introduced when copy and pasting.

This lead to the original timeout being changed
when specifying a temporary override (e.g. for ldap_search(..., $timeout))

(Discovered on PHP-5.6.12 on Centos 6.5, using openLDAP libraries)
(Fixed in
(PHP-5.5 and 5.4 are also affected, but a separate patch would be needed for 5.4 because of merge conflicts)

Test script:

It can be simplified to:

$link = ldap_connect($host);
ldap_set_option($link, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING);
ldap_set_option($link, LDAP_OPT_SIZELIMIT, 123);
ldap_set_option($link, LDAP_OPT_TIMELIMIT, 33);
ldap_search($link, $base, $filter, array(), null, 111, 222, LDAP_DEREF_NEVER);
    ldap_get_option($link, LDAP_OPT_DEREF, $option),
    ldap_get_option($link, LDAP_OPT_SIZELIMIT, $option),
    ldap_get_option($link, LDAP_OPT_TIMELIMIT, $option),

Expected result:
After executing ldap_search with overrides, I expect ldap_get_option to return the original values of LDAP_OPT_TIMELIMIT and LDAP_OPT_DEREF set by ldap_set_option.

Actual result:
The value of ldap_get_option($link, LDAP_OPT_DEREF, $option) was clobbered by the $sizelimit override (111)
The value of ldap_get_option($link, LDAP_OPT_TIMELIMIT, $option) was clobbered by the $sizelimit override (111).


ldap-fix-saving-timeout-and-dereference (last revision 2015-09-09 01:59 UTC by tandre at ifwe dot co)

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2015-09-09 09:34 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: mcmic
 [2015-09-09 09:34 UTC]
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at

 For Windows:
Thank you for the report, and for helping us make PHP better.

Fixed in PHP-5.6 and master (see )
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 15 00:01:28 2024 UTC