|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72753 ldap_search returns zero results when searching for large integers
Submitted: 2016-08-04 09:35 UTC Modified: 2017-01-10 17:33 UTC
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: justinasu at gmail dot com Assigned: heiglandreas (profile)
Status: Assigned Package: LDAP related
PHP Version: 7.0.9 OS: windows 8.1 x64
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2016-08-04 09:35 UTC] justinasu at gmail dot com
<ldapserver> and <base dn> in test script should be substituted with some ldap server that you have access to and you need to have read permission to usnchanged attribute.

when searching for entries by usnchanged which is a Microsoft proposed way of polling for changes, the test script returns 0 results. But if you run the same filter query in Active Directory explorer or some other tool i get many results - couple of thousand.

if the value is smaller lets say (usnchanged>=261605367) i get expected results.

i suspect that somewhere in LDAP php internals the value gets interpreted as 32bit integer and since it's max is 4,294,967,295, the query with higher values never returns any results. usnchanged field is 8bit INTERGER (BIGINT) in Active Directory.

tried on linux Centos 6.8 x64 the result is the same.

Test script:
$res = ldap_connect('ldap://<ldapserver>');
ldap_set_option($res, LDAP_OPT_PROTOCOL_VERSION, 3);

$response = ldap_search($res, '<base dn>', '(usnchanged>=4261605367)');
$result = ldap_get_entries($res, $response);


Expected result:
array with count > 0

Actual result:
array with count === 0


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-01-09 21:55 UTC]
-Status: Open +Status: Feedback -Assigned To: +Assigned To: heiglandreas
 [2017-01-09 21:55 UTC]
The interesting thing is that the filter is a string and is passed to the underlying LDAP-library (usually OpenLDAP) as string. So there isn't a conversion to an integer value on PHP-side. Therefore I'm inclined to say that the conversion to an integer is done in the underlying LDAP-library. Can you check whether that lib is a 32bit or a 64bit build? And can you get a result using f.e. ldapsearch instead of the ActiveDirectory explorer?

Thanks for your help!
 [2017-01-10 10:03 UTC] justinasu at gmail dot com
-Status: Feedback +Status: Assigned
 [2017-01-10 10:03 UTC] justinasu at gmail dot com
yes, ldapsearch returns results as expected:

ldapsearch -H 'ldaps://<ldapserver>' -D 'username@domain' -b '<base dn>' -W -s sub "(usnchanged>=4261605367)" cn sn
# search result
search: 2
result: 4 Size limit exceeded

# numResponses: 1004
# numEntries: 1000
# numReferences: 3

ldapsearch: @(#) $OpenLDAP: ldapsearch 2.4.40 (May 10 2016 23:31:28) $
        (LDAP library: OpenLDAP 20440)

php is 64bit:

this bug is reproduced all the way up to php v5.5. This is the oldest version i have tried.
 [2017-01-10 10:45 UTC]
Thanks for the details! I'll see that I dig into it further! I might come back with mor e questions…
 [2017-01-10 14:57 UTC]
Sorry to bother you again: I assume that you ar erunning the testscript via your webbrowser. And I also assume that you are using the PHP-Module for apache.

Please run the following command:

ldd /usr/lib64/php/modules/

That should show all the dependencies your ldap-extension has. There should be an LDAP-library within that list (might be the only one). Please do then run

file <path/to/>

and post the result here.

 [2017-01-10 15:02 UTC] justinasu at gmail dot com
ldd /usr/lib64/php/modules/ =>  (0x00007fffe35b3000) => /usr/lib64/ (0x00007fb9a99dd000) => /lib64/ (0x00007fb9a978c000) => /lib64/ (0x00007fb9a957c000) => /lib64/ (0x00007fb9a91e8000) => /lib64/ (0x00007fb9a8fe4000) => /lib64/ (0x00007fb9a8dc9000) => /lib64/ (0x00007fb9a8b92000) => /usr/lib64/ (0x00007fb9a894f000) => /usr/lib64/ (0x00007fb9a8721000) => /usr/lib64/ (0x00007fb9a83e1000) => /usr/lib64/ (0x00007fb9a81b5000) => /lib64/ (0x00007fb9a7fb0000) => /lib64/ (0x00007fb9a7dab000) => /lib64/ (0x00007fb9a7b6d000)
        /lib64/ (0x0000003a92200000) => /lib64/ (0x00007fb9a7969000) => /lib64/ (0x00007fb9a774c000) => /lib64/ (0x00007fb9a7536000) => /lib64/ (0x00007fb9a732d000)

file /lib64/
/lib64/ symbolic link to `'

here you go :)
 [2017-01-10 15:07 UTC]

And what does `file /lib64/` return? And if that's also a symbolic link please follow that until the "file" returns something else than "symbolic link" ?

 [2017-01-10 15:20 UTC]
And a further question:

Can you alter your testscript like this and post the results?

$res = ldap_connect('ldap://<ldapserver>');
ldap_set_option($res, LDAP_OPT_PROTOCOL_VERSION, 3);

$response = ldap_search($res, '<base dn>', '(usnchanged>=4261605367)');
$result = ldap_get_entries($res, $response);

 [2017-01-10 17:33 UTC] justinasu at gmail dot com
file /lib64/
/lib64/ ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, stripped

resource(99) of type (ldap result)
string(7) "Success"
array(1) {
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Apr 26 03:01:25 2019 UTC