Fix null byte in LDAP bindings

author: Stanislav Malyshev <stas@php.net> 2014-04-13 20:43:46 -0700
committer: Stanislav Malyshev <stas@php.net> 2014-04-14 10:44:53 -0700
commit: ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c (patch)
tree: 05c8507407c76d8323bcb3d8a336e312193ddaec /ext/ldap
parent: 40a9316dff6e043b534844b2ab167318250be277 (diff)
download: php-git-ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
index 9d3a710b60..9fe48a03aa 100644
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@ -399,6 +399,16 @@ PHP_FUNCTION(ldap_bind)
 		RETURN_FALSE;
 	}
 
+	if (ldap_bind_dn != NULL && memchr(ldap_bind_dn, '\0', ldap_bind_dnlen) != NULL) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "DN contains a null byte");
+		RETURN_FALSE;
+	}
+
+	if (ldap_bind_pw != NULL && memchr(ldap_bind_pw, '\0', ldap_bind_pwlen) != NULL) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Password contains a null byte");
+		RETURN_FALSE;
+	}
+
 	ZEND_FETCH_RESOURCE(ld, ldap_linkdata *, &link, -1, "ldap link", le_link);
 
 	if ((rc = ldap_bind_s(ld->link, ldap_bind_dn, ldap_bind_pw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS) {
author	Stanislav Malyshev <stas@php.net>	2014-04-13 20:43:46 -0700
committer	Stanislav Malyshev <stas@php.net>	2014-04-14 10:44:53 -0700
commit	ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c (patch)
tree	05c8507407c76d8323bcb3d8a336e312193ddaec /ext/ldap
parent	40a9316dff6e043b534844b2ab167318250be277 (diff)
download	php-git-ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c.tar.gz