ext/ldap: ldap_read/ldap_list/ldap_search update.

ext/ldap/ldap.c

@@ -1448,16 +1448,16 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 	zend_string *base_dn_str = NULL;
 	HashTable *filter_ht = NULL;
 	zend_string *filter_str = NULL;
-	zend_long attrsonly, sizelimit, timelimit, deref;
+	zend_long sizelimit = -1, timelimit = -1, deref = LDAP_DEREF_NEVER;
+	zend_long attrsonly = 0;
 	HashTable *server_controls_ht = NULL;
 	char **ldap_attrs = NULL;
 	ldap_linkdata *ld = NULL;
 	ldap_resultdata *result;
 	LDAPMessage *ldap_res = NULL;
 	LDAPControl **lserverctrls = NULL;
-	int ldap_attrsonly = 0, ldap_sizelimit = -1, ldap_timelimit = -1, ldap_deref = -1;
 	int old_ldap_sizelimit = -1, old_ldap_timelimit = -1, old_ldap_deref = -1;
-	int ret = 1, ldap_errno, argcount = ZEND_NUM_ARGS();
+	int ret = 1, ldap_errno;
 
 	ZEND_PARSE_PARAMETERS_START(3, 9)
 		Z_PARAM_ZVAL(link)
@@ -1472,23 +1472,19 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 		Z_PARAM_ARRAY_HT_EX(server_controls_ht, 1, 1)
 	ZEND_PARSE_PARAMETERS_END();
 
-	/* Reverse -> fall through */
-	switch (argcount) {
-		case 9:
-		case 8:
-			ldap_deref = deref;
-			ZEND_FALLTHROUGH;
-		case 7:
-			ldap_timelimit = timelimit;
-			ZEND_FALLTHROUGH;
-		case 6:
-			ldap_sizelimit = sizelimit;
-			ZEND_FALLTHROUGH;
-		case 5:
-			ldap_attrsonly = attrsonly;
-			ZEND_FALLTHROUGH;
-		default:
-			break;
+	if (sizelimit < -1 || sizelimit > INT_MAX) {
+		zend_argument_value_error(6, "must be between -1 and %d", INT_MAX);
+		RETURN_THROWS();
+	}
+
+	if (timelimit < -1 || timelimit > INT_MAX) {
+		zend_argument_value_error(7, "must be between -1 and %d", INT_MAX);
+		RETURN_THROWS();
+	}
+
+	if (deref < LDAP_DEREF_NEVER || deref > LDAP_DEREF_ALWAYS) {
+		zend_argument_value_error(8, "must be one of the LDAP_DEREF_* constants");
+		RETURN_THROWS();
 	}
 
 	if (attrs) {
@@ -1653,10 +1649,10 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 				}
 			}
 
-			php_set_opts(current_ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
+			php_set_opts(current_ld->link, (int)sizelimit, (int)timelimit, (int)deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
 
 			/* Run the actual search */
-			ldap_search_ext(current_ld->link, ZSTR_VAL(ldap_base_dn), scope, ZSTR_VAL(ldap_filter), ldap_attrs, ldap_attrsonly, lserverctrls, NULL, NULL, ldap_sizelimit, &rcs[ldap_link_index]);
+			ldap_search_ext(current_ld->link, ZSTR_VAL(ldap_base_dn), scope, ZSTR_VAL(ldap_filter), ldap_attrs, (int)attrsonly, lserverctrls, NULL, NULL, (int)sizelimit, &rcs[ldap_link_index]);
 			lds[ldap_link_index] = current_ld;
 
 			// TODO Reset the options of the link?
@@ -1711,10 +1707,10 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 			}
 		}
 
-		php_set_opts(ld->link, ldap_sizelimit, ldap_timelimit, ldap_deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
+		php_set_opts(ld->link, (int)sizelimit, (int)timelimit, (int)deref, &old_ldap_sizelimit, &old_ldap_timelimit, &old_ldap_deref);
 
 		/* Run the actual search */
-		ldap_errno = ldap_search_ext_s(ld->link, ZSTR_VAL(base_dn_str), scope, ZSTR_VAL(filter_str), ldap_attrs, ldap_attrsonly, lserverctrls, NULL, NULL, ldap_sizelimit, &ldap_res);
+		ldap_errno = ldap_search_ext_s(ld->link, ZSTR_VAL(base_dn_str), scope, ZSTR_VAL(filter_str), ldap_attrs, (int)attrsonly, lserverctrls, NULL, NULL, (int)sizelimit, &ldap_res);
 
 		if (ldap_errno != LDAP_SUCCESS
 			&& ldap_errno != LDAP_SIZELIMIT_EXCEEDED
@@ -1752,7 +1748,7 @@ static void php_ldap_do_search(INTERNAL_FUNCTION_PARAMETERS, int scope)
 cleanup:
 	if (ld) {
 		/* Restoring previous options */
-		php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, &ldap_sizelimit, &ldap_timelimit, &ldap_deref);
+		php_set_opts(ld->link, old_ldap_sizelimit, old_ldap_timelimit, old_ldap_deref, (int *)&sizelimit, (int *)&timelimit, (int *)&deref);
 	}
 	if (ldap_attrs != NULL) {
 		efree(ldap_attrs);

ext/ldap/tests/ldap_search_error.phpt

@@ -26,6 +26,24 @@ try {
     echo $exception->getMessage() . "\n";
 }
 
+try {
+    ldap_search($link, $dn, $filter, array('option'), false, PHP_INT_MIN);
+} catch (ValueError $exception) {
+    echo $exception->getMessage() . "\n";
+}
+
+try {
+    ldap_search($link, $dn, $filter, array('option'), false, -1, PHP_INT_MIN);
+} catch (ValueError $exception) {
+    echo $exception->getMessage() . "\n";
+}
+
+try {
+    ldap_search($link, $dn, $filter, array('option'), false, -1, -1, -1);
+} catch (ValueError $exception) {
+    echo $exception->getMessage() . "\n";
+}
+
 try {
     ldap_search(array(), $dn, $filter, array('top'));
 } catch (ValueError $exception) {
@@ -61,6 +79,9 @@ try {
 Warning: ldap_search(): Search: No such object in %s on line %d
 bool(false)
 ldap_search(): Argument #4 ($attributes) must be an array with numeric keys
+ldap_search(): Argument #6 ($sizelimit) must be between -1 and %d
+ldap_search(): Argument #7 ($timelimit) must be between -1 and %d
+ldap_search(): Argument #8 ($deref) must be one of the LDAP_DEREF_* constants
 ldap_search(): Argument #1 ($ldap) must not be empty
 ldap_search(): Argument #2 ($base) must be the same size as argument #1
 ldap_search(): Argument #3 ($filter) must be the same size as argument #1