ext/ldap: fix leak on port overflow check.

devnexen · devnexen · commit df91d36fdf7e · 2025-05-24T23:11:24.000+01:00
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
@@ -984,8 +984,6 @@ PHP_FUNCTION(ldap_connect)
 		RETURN_FALSE;
 	}
 
-	object_init_ex(return_value, ldap_link_ce);
-	ld = Z_LDAP_LINK_P(return_value);
 
 	{
 		int rc = LDAP_SUCCESS;
@@ -1008,13 +1006,14 @@ PHP_FUNCTION(ldap_connect)
 
 			/* ensure all pending TLS options are applied in a new context */
 			if (ldap_set_option(NULL, LDAP_OPT_X_TLS_NEWCTX, &val) != LDAP_OPT_SUCCESS) {
-				zval_ptr_dtor(return_value);
 				php_error_docref(NULL, E_WARNING, "Could not create new security context");
 				RETURN_FALSE;
 			}
 			LDAPG(tls_newctx) = false;
 		}
 #endif
+		object_init_ex(return_value, ldap_link_ce);
+		ld = Z_LDAP_LINK_P(return_value);
 
 #ifdef LDAP_API_FEATURE_X_OPENLDAP
 		/* ldap_init() is deprecated, use ldap_initialize() instead.

Original file line number	Diff line number	Diff line change
`@@ -984,8 +984,6 @@ PHP_FUNCTION(ldap_connect)`
`984`	`984`	`RETURN_FALSE;`
`985`	`985`	`}`
`986`	`986`
`987`		`- object_init_ex(return_value, ldap_link_ce);`
`988`		`- ld = Z_LDAP_LINK_P(return_value);`
`989`	`987`
`990`	`988`	`{`
`991`	`989`	`int rc = LDAP_SUCCESS;`
`@@ -1008,13 +1006,14 @@ PHP_FUNCTION(ldap_connect)`
`1008`	`1006`
`1009`	`1007`	`/* ensure all pending TLS options are applied in a new context */`
`1010`	`1008`	`if (ldap_set_option(NULL, LDAP_OPT_X_TLS_NEWCTX, &val) != LDAP_OPT_SUCCESS) {`
`1011`		`- zval_ptr_dtor(return_value);`
`1012`	`1009`	`php_error_docref(NULL, E_WARNING, "Could not create new security context");`
`1013`	`1010`	`RETURN_FALSE;`
`1014`	`1011`	`}`
`1015`	`1012`	`LDAPG(tls_newctx) = false;`
`1016`	`1013`	`}`
`1017`	`1014`	`#endif`
	`1015`	`+ object_init_ex(return_value, ldap_link_ce);`
	`1016`	`+ ld = Z_LDAP_LINK_P(return_value);`
`1018`	`1017`
`1019`	`1018`	`#ifdef LDAP_API_FEATURE_X_OPENLDAP`
`1020`	`1019`	`/* ldap_init() is deprecated, use ldap_initialize() instead.`