From 57871b0aa5632631625c379b671bd968a05e1c28 Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Sun, 22 Jun 2025 08:00:08 +0100
Subject: [PATCH 1/2] Fixed GH-18902: ldap_exop/ldap_exop_sync assert triggered
 on empty request OID

---
 ext/ldap/ldap.c             |  7 ++++++-
 ext/ldap/tests/gh18902.phpt | 38 +++++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 ext/ldap/tests/gh18902.phpt

diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
index fecb8846400a6..13b8a028a72ce 100644
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@ -4036,7 +4036,12 @@ static void php_ldap_exop(INTERNAL_FUNCTION_PARAMETERS, bool force_sync) {
 	LDAPControl **lserverctrls = NULL;
 	int rc, msgid;
 
-	if (zend_parse_parameters(ZEND_NUM_ARGS(), "OS|S!a!zz", &link, ldap_link_ce, &reqoid, &reqdata, &serverctrls, &retdata, &retoid) != SUCCESS) {
+	if (zend_parse_parameters(ZEND_NUM_ARGS(), "OP|S!a!zz", &link, ldap_link_ce, &reqoid, &reqdata, &serverctrls, &retdata, &retoid) != SUCCESS) {
+		RETURN_THROWS();
+	}
+
+	if (ZSTR_LEN(reqoid) == 0) {
+		zend_argument_value_error(2, "cannot be empty");
 		RETURN_THROWS();
 	}
 
diff --git a/ext/ldap/tests/gh18902.phpt b/ext/ldap/tests/gh18902.phpt
new file mode 100644
index 0000000000000..3fd7de7fc0581
--- /dev/null
+++ b/ext/ldap/tests/gh18902.phpt
@@ -0,0 +1,38 @@
+--TEST--
+GH-17704 (ldap_search fails when $attributes contains a non-packed array with numerical keys)
+--EXTENSIONS--
+ldap
+--FILE--
+<?php
+$conn = ldap_connect();
+try {
+	ldap_exop($conn,null);
+} catch (\ValueError $e) {
+	echo $e->getMessage(), PHP_EOL;
+}
+
+try {
+	ldap_exop($conn,"\0");
+} catch (\ValueError $e) {
+	echo $e->getMessage(), PHP_EOL;
+}
+
+try {
+	ldap_exop_sync($conn,"");
+} catch (\ValueError $e) {
+	echo $e->getMessage(), PHP_EOL;
+}
+
+try {
+	ldap_exop_sync($conn,"test\0");
+} catch (\ValueError $e) {
+	echo $e->getMessage(), PHP_EOL;
+}
+?>
+--EXPECTF--
+
+Deprecated: ldap_exop(): Passing null to parameter #2 ($request_oid) of type string is deprecated in %s on line %d
+ldap_exop(): Argument #2 ($request_oid) cannot be empty
+ldap_exop(): Argument #2 ($request_oid) must not contain any null bytes
+ldap_exop_sync(): Argument #2 ($request_oid) cannot be empty
+ldap_exop_sync(): Argument #2 ($request_oid) must not contain any null bytes

From 07b0dec198d2dcd7d0cf5706d905fa7f9f4751ff Mon Sep 17 00:00:00 2001
From: David Carlier <devnexen@gmail.com>
Date: Sun, 22 Jun 2025 11:18:35 +0100
Subject: [PATCH 2/2] changes from feedback

---
 ext/ldap/ldap.c             |  2 +-
 ext/ldap/tests/gh18902.phpt | 10 +---------
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
index 13b8a028a72ce..769e6caa277b4 100644
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@ -4041,7 +4041,7 @@ static void php_ldap_exop(INTERNAL_FUNCTION_PARAMETERS, bool force_sync) {
 	}
 
 	if (ZSTR_LEN(reqoid) == 0) {
-		zend_argument_value_error(2, "cannot be empty");
+		zend_argument_value_error(2, "must not be empty");
 		RETURN_THROWS();
 	}
 
diff --git a/ext/ldap/tests/gh18902.phpt b/ext/ldap/tests/gh18902.phpt
index 3fd7de7fc0581..329cbb59c1b11 100644
--- a/ext/ldap/tests/gh18902.phpt
+++ b/ext/ldap/tests/gh18902.phpt
@@ -5,11 +5,6 @@ ldap
 --FILE--
 <?php
 $conn = ldap_connect();
-try {
-	ldap_exop($conn,null);
-} catch (\ValueError $e) {
-	echo $e->getMessage(), PHP_EOL;
-}
 
 try {
 	ldap_exop($conn,"\0");
@@ -30,9 +25,6 @@ try {
 }
 ?>
 --EXPECTF--
-
-Deprecated: ldap_exop(): Passing null to parameter #2 ($request_oid) of type string is deprecated in %s on line %d
-ldap_exop(): Argument #2 ($request_oid) cannot be empty
 ldap_exop(): Argument #2 ($request_oid) must not contain any null bytes
-ldap_exop_sync(): Argument #2 ($request_oid) cannot be empty
+ldap_exop_sync(): Argument #2 ($request_oid) must not be empty
 ldap_exop_sync(): Argument #2 ($request_oid) must not contain any null bytes