Public bug reported:

1) The release of Ubuntu you are using, via 'lsb_release -rd' or System -> About Ubuntu

Description: Ubuntu 20.04.6 LTS
Release: 20.04

2) The version of the package you are using, via 'apt-cache policy pkgname' or by checking in Software Center

php7.4-ldap:
  Installiert: 7.4.3-4ubuntu2.26
  Installationskandidat: 7.4.3-4ubuntu2.26

3) What you expected to happen

The command php7.4 -m lists the ldap module without an error.

4) What happened instead

php-fpm7.4 -m
[13-Dec-2024 08:29:47] NOTICE: PHP message: PHP Warning: PHP Startup: Unable to load dynamic library 'ldap.so' (tried: /usr/lib/php/20190902/ldap.so (/usr/lib/php/20190902/ldap.so: undefined symbol: RETURN_THROWS), /usr/lib/php/20190902/ldap.so.so (/usr/lib/php/20190902/ldap.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
[PHP Modules]
bcmath
cgi-fcgi
Core
ctype
curl
date
dom
exif
FFI
fileinfo
filter
ftp
gd
gettext
hash
iconv
igbinary
intl
json
libxml
mbstring
memcached
msgpack
mysqli

I found the following changes to the php7.4-ldap package in the diff:

diff -Nru php7.4-7.4.3/debian/patches/CVE-2024-8932.patch php7.4-7.4.3/debian/patches/CVE-2024-8932.patch --- php7.4-7.4.3/debian/patches/CVE-2024-8932.patch 1970-01-01 00:00:00.000000000 +0000 +++ php7.4-7.4.3/debian/patches/CVE-2024-8932.patch 2024-12-04 16:05:01.000000000 +0000 
@@ -0,0 +1,124 @@ +From 90c851a8b1dc409d074ab369acbfd318bc8aea4e Mon Sep 17 00:00:00 2001 +From: Niels Dossche <7771979+niels...@users.noreply.github.com> +Date: Thu, 26 Sep 2024 22:22:27 +0200 +Subject: [PATCH] Fix GHSA-g665-fm4p-vhff: OOB access in ldap_escape + +--- + ext/ldap/ldap.c | 20 ++++++++++++++-- + ext/ldap/tests/GHSA-g665-fm4p-vhff-1.phpt | 28 ++++++++++++++++++++++ + ext/ldap/tests/GHSA-g665-fm4p-vhff-2.phpt | 29 +++++++++++++++++++++++ + 3 files changed, 75 insertions(+), 2 deletions(-) + create mode 100644 ext/ldap/tests/GHSA-g665-fm4p-vhff-1.phpt + create mode 100644 ext/ldap/tests/GHSA-g665-fm4p-vhff-2.phpt + +Index: php7.4-7.4.3/ext/ldap/ldap.c +=================================================================== +--- php7.4-7.4.3.orig/ext/ldap/ldap.c ++++ php7.4-7.4.3/ext/ldap/ldap.c +@@ -3825,13 +3825,23 @@ static zend_string* php_ldap_do_escape(c + zend_string *ret; + + for (i = 0; i < valuelen; i++) { +- len += (map[(unsigned char) value[i]]) ? 3 : 1; ++ size_t addend = (map[(unsigned char) value[i]]) ? 3 : 1; ++ if (len > ZSTR_MAX_LEN - addend) { ++ return NULL; ++ } ++ len += addend; + } + /* Per RFC 4514, a leading and trailing space must be escaped */ + if ((flags & PHP_LDAP_ESCAPE_DN) && (value[0] == ' ')) { ++ if (len > ZSTR_MAX_LEN - 2) { ++ return NULL; ++ } + len += 2; + } + if ((flags & PHP_LDAP_ESCAPE_DN) && ((valuelen > 1) && (value[valuelen - 1] == ' '))) { ++ if (len > ZSTR_MAX_LEN - 2) { ++ return NULL; ++ } + len += 2; + } + +@@ -3898,7 +3908,13 @@ PHP_FUNCTION(ldap_escape) + php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0); + } + +- RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen, flags)); ++ zend_string *result = php_ldap_do_escape(map, value, valuelen, flags); ++ if (UNEXPECTED(!result)) { ++ zend_argument_value_error(1, "is too long"); ++ RETURN_THROWS(); ++ } ++ ++ RETURN_NEW_STR(result); + } + + #ifdef STR_TRANSLATION To my knowledge, the Symbol "RETURN_THROWS" is only available in PHP 8.0 or higher. 
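
Review bot: php_ldap_do_escape() can now return NULL from each of the three new length checks in the -3825 hunk, which changes its contract, while the visible diff updates only the ldap_escape caller. Check that no other caller passes the result straight to a macro such as RETURN_NEW_STR, and add a short comment above the function stating that NULL means the escaped length would exceed ZSTR_MAX_LEN.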
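
Review bot: The error path added to PHP_FUNCTION(ldap_escape) in the -3898 hunk ends in RETURN_THROWS(), the exact symbol the loader reports as undefined for /usr/lib/php/20190902/ldap.so, so the headers of this build do not define that macro and the compiler emitted it as a call to an external function. For the 7.4 backport, replace `zend_argument_value_error(1, "is too long"); RETURN_THROWS();` with an error path that exists in this branch, for example a `php_error_docref(NULL, E_WARNING, ...)` warning followed by `RETURN_FALSE;`, and confirm that zend_argument_value_error is declared in the 7.4 headers as well. Building the package with -Werror=implicit-function-declaration and running `php -m` as a post-build check would keep a module that cannot load from shipping.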

** Affects: php7.4 (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/2091698

Title:
  PHP LDAP module does not load