Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:28281
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 64.233.184.239 as permitted sender)
DomainKey-Status: bad
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=OpKZeGV4wIUYHERTT9rTgUYgMdJ3+jJaAAEe7X3UctiwsliXyeIsevgRLpd+v6kEXADuE+3+3BVWJt8I8naslqDPgg4Gw/4TR6j6nt5ydo5A/xFLgQrbETzH3Z+eaScx+2Mn4lBh3LMOMFX4Kyywn6cxbefkTjDOaxddgYQGf1c=
Message-ID: <4e89b4260703062218v73c3655agdd72b5b7bfdfe41f@mail.gmail.com>
Date: Wed, 7 Mar 2007 01:18:31 -0500
To: cardoe@gentoo.org
Cc: internals@lists.php.net
In-Reply-To: <40059.216.155.111.10.1172694790.squirrel@webmail.cardoe.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <40059.216.155.111.10.1172694790.squirrel@webmail.cardoe.com>
Subject: Re: [PHP-DEV] LDAP functions implemented poorly
From: kingwez@gmail.com ("Wez Furlong")

My really really late 2 cents on this.

Please make sure that your changes don't make the extension depend on
OpenLDAP.  Solaris and Windows LDAP implementations are close but not
totally the same as OpenLDAP.

I haven't looked at your patches and probably won't have time to do
so; I'm merely doing a drive-by peek at the recent traffic on the
lists, so forgive me if you've already taken this into consideration
:)

--Wez.

On 2/28/07, Doug Goldstein <cardoe@gentoo.org> wrote:
> Referencing Bug #38819 & Bug #40671
> http://bugs.php.net/bug.php?id=38819
> http://bugs.php.net/bug.php?id=40671
>
> Essentially I looked through the above mentioned bug, the bugs opened
> with OpenLDAP developers, and then reviewed ext/ldap/ldap.c and it
> appears the API calls made by PHP are not necessarily the safest ways to
> write the PHP wrapper functions. Based on tony2001@php.net's comment
> that the LDAP module is unmaintained I went ahead and made some
> changes.
>
> If you read OpenLDAP's API and comments by OpenLDAP Core Developers,
> available at:
>
> http://www.openldap.org/its/index.cgi/Build?id=4690;selectid=4690
> http://www.openldap.org/software/man.cgi?query=ldap_get_values&sektion=3
> &apropos=0&manpath=OpenLDAP+2.1-Release
>
> (Notice I went with OpenLDAP 2.1 docs to quell PHP's urge for backwards
> compatibility)
>
> The functions char **ldap_get_values(ld, entry, attr) and struct berval
> **ldap_get_values_len(ld, entry, attr) are essentially inter-changeable.
> The big difference being that the berval struct provides you with a char
> * and the size_t of the data. Rather then just a char * that you then
> have to strlen() which will result in problems if the returned data is
> not NULL terminated data. PHP's internal functions make the mistake of
> assuming all data will be string data (NULL terminated char *) data,
> which is the cause of the crash in bug #38819.
>
> The patch attached removes all of those assumptions and uses
> ldap_get_values_len() and uses the length provided back by the structure
> to feed add_index_stringl() instead of using add_index_string() which
> will call it's own strlen() on the provided data.
>
> This patch also removes ldap_get_values() as a PHP function and makes it
> an alias of ldap_get_values_len() since there's no difference and the
> same data can be returned, it's just a safer version.
>
> The attached patch fixes the test case provided in bug #38819.
>
> Referencing for my own purposes:
> http://bugs.gentoo.org/show_bug.cgi?id=133467
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>