Skip to content

Commit 3a5e835

Browse files
committed
url leak and new tests
1 parent df91d36 commit 3a5e835

File tree

2 files changed

+18
-0
lines changed

2 files changed

+18
-0
lines changed

ext/ldap/ldap.c

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1006,6 +1006,9 @@ PHP_FUNCTION(ldap_connect)
10061006

10071007
/* ensure all pending TLS options are applied in a new context */
10081008
if (ldap_set_option(NULL, LDAP_OPT_X_TLS_NEWCTX, &val) != LDAP_OPT_SUCCESS) {
1009+
if (url != host) {
1010+
efree(url);
1011+
}
10091012
php_error_docref(NULL, E_WARNING, "Could not create new security context");
10101013
RETURN_FALSE;
10111014
}
@@ -1026,6 +1029,9 @@ PHP_FUNCTION(ldap_connect)
10261029
ldap = ldap_init(host, port);
10271030
if (ldap == NULL) {
10281031
zval_ptr_dtor(return_value);
1032+
if (url != host) {
1033+
efree(url);
1034+
}
10291035
php_error_docref(NULL, E_WARNING, "Could not create session handle");
10301036
RETURN_FALSE;
10311037
}

ext/ldap/tests/ldaps_basic.phpt

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,10 +46,22 @@ ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
4646
var_dump(@ldap_bind($link, $user, $passwd));
4747
ldap_unbind($link);
4848

49+
try {
50+
ldap_connect("ldaps://$host:65536");
51+
} catch (\ValueError $e) {
52+
echo $e->getMessage(), PHP_EOL;
53+
}
54+
55+
try {
56+
ldap_connect("ldaps://$host:0");
57+
} catch (\ValueError $e) {
58+
echo $e->getMessage();
59+
}
4960
?>
5061
--EXPECT--
5162
bool(false)
5263
bool(true)
5364
bool(true)
5465
bool(false)
5566
bool(false)
67+
must be between 1 and 65535

0 commit comments

Comments
 (0)