File: GHSA-g665-fm4p-vhff-2.phpt

package info (click to toggle)
php8.2 8.2.29-1~deb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 209,600 kB
  • sloc: ansic: 736,658; php: 33,046; sh: 11,432; cpp: 7,005; pascal: 4,448; javascript: 3,112; asm: 2,404; yacc: 2,222; xml: 1,784; makefile: 689; awk: 148
file content (29 lines) | stat: -rw-r--r-- 667 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
--TEST--
GHSA-g665-fm4p-vhff (OOB access in ldap_escape)
--EXTENSIONS--
ldap
--INI--
memory_limit=-1
--SKIPIF--
<?php
if (PHP_INT_SIZE !== 4) die("skip only for 32-bit");
if (getenv("SKIP_SLOW_TESTS")) die("skip slow test");
?>
--FILE--
<?php
try {
    ldap_escape(str_repeat("*", 1431655759), "", LDAP_ESCAPE_FILTER);
} catch (ValueError $e) {
    echo $e->getMessage(), "\n";
}

// would allocate a string of length 2
try {
    ldap_escape(str_repeat("*", 1431655766), "", LDAP_ESCAPE_FILTER);
} catch (ValueError $e) {
    echo $e->getMessage(), "\n";
}
?>
--EXPECT--
ldap_escape(): Argument #1 ($value) is too long
ldap_escape(): Argument #1 ($value) is too long