Gerrit Patch Uploader has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/381617 )

Change subject: T163646 HHVM 3.19 incompatibility: TypeError: Argument 1 passed 
to mysql_real_escape_string() must be an instance of string, int given
......................................................................

T163646 HHVM 3.19 incompatibility: TypeError: Argument 1 passed to 
mysql_real_escape_string() must be an instance of string, int given

Under some conditions (Semantic MediaWiki, Gadgets), an integer is passed to 
DatabaseMysqli::mysqlRealEscapeString(). This integer is, in turn, passed to 
mysqli::real_escape_string(), which needs a string.

Under HHVM 3.19.1 (at least) this type mismatch causes an exception.

A typecast should prevent it.

I repeated the patch in other DB drivers where I could find a function that 
escaped strings for SQL.

Change-Id: I1b7820bc064dc79498cf9f17747f745990c526b7
---
M includes/libs/rdbms/database/DatabaseMssql.php
M includes/libs/rdbms/database/DatabaseMysql.php
M includes/libs/rdbms/database/DatabaseMysqli.php
M includes/libs/rdbms/database/DatabasePostgres.php
M includes/libs/rdbms/database/DatabaseSqlite.php
5 files changed, 8 insertions(+), 8 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/17/381617/1

diff --git a/includes/libs/rdbms/database/DatabaseMssql.php 
b/includes/libs/rdbms/database/DatabaseMssql.php
index 4ebc623..9527070 100644
--- a/includes/libs/rdbms/database/DatabaseMssql.php
+++ b/includes/libs/rdbms/database/DatabaseMssql.php
@@ -1066,7 +1066,7 @@
        public function strencode( $s ) {
                // Should not be called by us
 
-               return str_replace( "'", "''", $s );
+               return str_replace( "'", "''", (string) $s );
        }
 
        /**
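Review bot: The cast in strencode() changes behaviour for array input. In PHP, str_replace() accepts an array subject and returns an array with each element processed, whereas `(string) $s` turns an array into the literal string "Array" (with a notice) before any escaping happens. For an integer, str_replace() already converts the subject itself, so this line is not needed to avoid the reported TypeError. If the cast is kept for consistency with the other drivers, say in the docblock that $s is coerced to string, and reject arrays explicitly rather than escaping "Array".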
diff --git a/includes/libs/rdbms/database/DatabaseMysql.php 
b/includes/libs/rdbms/database/DatabaseMysql.php
index d81d909..197bf51 100644
--- a/includes/libs/rdbms/database/DatabaseMysql.php
+++ b/includes/libs/rdbms/database/DatabaseMysql.php
@@ -203,7 +203,7 @@
        protected function mysqlRealEscapeString( $s ) {
                $conn = $this->getBindingHandle();
 
-               return mysql_real_escape_string( $s, $conn );
+               return mysql_real_escape_string( (string) $s, $conn );
        }
 }
 
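Review bot: mysqlRealEscapeString() now silently coerces whatever it is given, and nothing in the hunk documents that. `(string) null` and `(string) false` both become the empty string, so a caller that passes null by mistake gets '' escaped and written into the query instead of a visible failure. Suggest documenting the parameter as `string|int` (or whatever is intended) in the docblock and limiting the cast to the types the change is meant to cover, for example `is_int( $s ) || is_float( $s )`.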
diff --git a/includes/libs/rdbms/database/DatabaseMysqli.php 
b/includes/libs/rdbms/database/DatabaseMysqli.php
index 4c3cbdd..5b4f554 100644
--- a/includes/libs/rdbms/database/DatabaseMysqli.php
+++ b/includes/libs/rdbms/database/DatabaseMysqli.php
@@ -316,7 +316,7 @@
        protected function mysqlRealEscapeString( $s ) {
                $conn = $this->getBindingHandle();
 
-               return $conn->real_escape_string( $s );
+               return $conn->real_escape_string( (string) $s );
        }
 
        /**
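Review bot: This is the call path the commit message names, but the change comes without a regression test and the commit message does not say which callers pass the integer ("Semantic MediaWiki, Gadgets" is as specific as it gets). Suggest adding a test that pushes an integer through the escaping path and asserts the escaped value, and recording the offending call sites on T163646 so they can be fixed at the source. The line is also identical in intent to the one in DatabaseMysql.php; if both wrappers are reached through a shared caller, casting once there would leave a single place to maintain.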
diff --git a/includes/libs/rdbms/database/DatabasePostgres.php 
b/includes/libs/rdbms/database/DatabasePostgres.php
index 5719a1f..a69d4eb 100644
--- a/includes/libs/rdbms/database/DatabasePostgres.php
+++ b/includes/libs/rdbms/database/DatabasePostgres.php
@@ -1175,7 +1175,7 @@
 
        public function strencode( $s ) {
                // Should not be called by us
-               return pg_escape_string( $this->getBindingHandle(), $s );
+               return pg_escape_string( $this->getBindingHandle(), (string) $s 
);
        }
 
        public function addQuotes( $s ) {
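Review bot: strencode() and addQuotes() each call pg_escape_string() directly, so the same cast has to be added in two places in this file (here and in the next hunk). Suggest routing both through one small helper that does the coercion and the escaping, so a later change to the accepted types cannot update one site and miss the other.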
@@ -1196,7 +1196,7 @@
                        return 'DEFAULT';
                }
 
-               return "'" . pg_escape_string( $conn, $s ) . "'";
+               return "'" . pg_escape_string( $conn, (string) $s ) . "'";
        }
 
        /**
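Review bot: In addQuotes(), everything that falls through to the final return is now cast, not only integers. Unless an earlier branch outside this hunk already rejects them, an array reaches `"'" . pg_escape_string( $conn, (string) $s ) . "'"` as the quoted literal 'Array', and an object without __toString() raises a fatal error at the cast. Suggest checking `is_scalar( $s )` before this return and throwing an InvalidArgumentException otherwise, so a wrong type fails loudly instead of producing a valid-looking query with the wrong value.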
diff --git a/includes/libs/rdbms/database/DatabaseSqlite.php 
b/includes/libs/rdbms/database/DatabaseSqlite.php
index 870fc3e..20be591 100644
--- a/includes/libs/rdbms/database/DatabaseSqlite.php
+++ b/includes/libs/rdbms/database/DatabaseSqlite.php
@@ -790,7 +790,7 @@
                        return "x'" . bin2hex( $s->fetch() ) . "'";
                } elseif ( is_bool( $s ) ) {
                        return (int)$s;
-               } elseif ( strpos( $s, "\0" ) !== false ) {
+               } elseif ( strpos( (string) $s, "\0" ) !== false ) {
                        // SQLite doesn't support \0 in strings, so use the hex 
representation as a workaround.
                        // This is a known limitation of SQLite's mprintf 
function which PDO
                        // should work around, but doesn't. I have reported 
this to php.net as bug #63419:
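Review bot: Style point on the new elseif line: the branch directly above writes the cast as `(int)$s` with no space, while the added line uses `(string) $s`. Pick one form within the function. Separately, an integer can never contain "\0", so an explicit `is_int( $s )` branch ahead of the strpos() check would state the intent more clearly than casting inside the condition.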
@@ -806,9 +806,9 @@
                                'For consistency all binary data should have 
been ' .
                                'first processed with self::encodeBlob()'
                        );
-                       return "x'" . bin2hex( $s ) . "'";
+                       return "x'" . bin2hex( (string) $s ) . "'";
                } else {
-                       return $this->mConn->quote( $s );
+                       return $this->mConn->quote( (string) $s );
                }
        }
 
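Review bot: With the two returns here and the strpos() condition in the previous hunk, the same `(string) $s` cast now appears three times in one function. Suggest assigning `$s = (string)$s;` once, after the Blob and is_bool() branches, and leaving the remaining lines unchanged. Note also that the bin2hex() branch sits under a message saying binary data should have been processed with self::encodeBlob() first, so a non-string arriving there is already a caller error that the cast would mask.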

-- 
To view, visit https://gerrit.wikimedia.org/r/381617
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I1b7820bc064dc79498cf9f17747f745990c526b7
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Gerrit Patch Uploader <[email protected]>
Gerrit-Reviewer: Alexander I. Mashin <[email protected]>
Gerrit-Reviewer: Gerrit Patch Uploader <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
