xref: /PHP-7.3/ext/ldap/tests/bug76248.phpt (revision b746e698)
1--TEST--
2Bug #76248 (Malicious LDAP-Server Response causes Crash)
3--SKIPIF--
4<?php
5require_once('skipif.inc');
6if (!function_exists('pcntl_fork')) die('skip fork not available');
7?>
8--FILE--
9<?php
10$pid = pcntl_fork();
11const PORT = 12345;
12if ($pid == 0) {
13	// child
14    $server = stream_socket_server("tcp://127.0.0.1:12345");
15	$socket = stream_socket_accept($server, 3);
16	fwrite($socket, base64_decode("MAwCAQFhBwoBAAQABAAweQIBAmR0BJljbj1yb290LGRjPWV4YW1wbGUsZGM9Y29tMFcwIwQLb2JqZWN0Q2xhc3MxFAQSb3JnYW5pemF0aW9uYWxSb2xlMAwEAmNuMQYEBHJvb3QwIgQLZGVzY3JpcHRpb24xEwQRRGlyZWN0b3J5IE1hbmFnZXIwDAIBAmUHCgEABAAEADB5AgEDZHQEmWNuPXJvb3QsZGM9ZXhhbXBsZSxkYz1jb20wVzAjBAtvYmplY3RDbGFzczEUBBJvcmdhbml6YXRpb25hbFJvbGUwDAQCY24xBgQEcm9vdDAiBAtkZXNjcmlwdGlvbjETBBFEaXJlY3RvcnkgTWFuYWdlcjAMAgEDZQcKAQAEAAQA"));
17	fflush($socket);
18} else {
19	// parent
20	$ds = ldap_connect("127.0.0.1", PORT);
21	ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
22	$b = ldap_bind($ds, "cn=root,dc=example,dc=com", "secret");
23
24	$s = ldap_search($ds, "dc=example,dc=com", "(cn=root)");
25	$tt = ldap_get_entries($ds, $s);
26	var_dump($tt);
27}
28?>
29--EXPECT--
30array(2) {
31  ["count"]=>
32  int(1)
33  [0]=>
34  array(2) {
35    ["count"]=>
36    int(0)
37    ["dn"]=>
38    NULL
39  }
40}
41