From:
Operating system: Fedora 13
PHP version: 5.3.3
Package: PDO related
Bug Type: Bug
Bug description:PDO_Firebird segfaults query column count less than param count
Description:
------------
PDO_Firebird segfaults if query column count is less than param count
Test script:
---------------
<?php
/*
CREATE TABLE test(A VARCHAR(30), B VARCHAR(30), C VARCHAR(30));
INSERT INTO test VALUES ('A', 'B', 'C');
*/
$dbh = new PDO("firebird:dbname=localhost:/tmp/test.gdb", "SYSDBA",
"masterkey");
$stmt1 = "SELECT B FROM test WHERE A = ? AND B = ?";
$stmt2 = "SELECT B, C FROM test WHERE A = ? AND B = ?";
$stmth2 = $dbh->prepare($stmt2);
$stmth2->execute(array('A', 'B'));
$rows = $stmth2->fetchAll(); // <------ OK
var_dump($rows);
$stmth1 = $dbh->prepare($stmt1);
$stmth1->execute(array('A', 'B'));
$rows = $stmth1->fetchAll(); // <------- segfault
var_dump($rows);
?>
Expected result:
----------------
array(1) {
[0]=>
array(4) {
["B"]=>
string(1) "B"
[0]=>
string(1) "B"
["C"]=>
string(1) "C"
[1]=>
string(1) "C"
}
}
array(1) {
[0]=>
array(2) {
["B"]=>
string(1) "B"
[0]=>
string(1) "B"
}
}
Actual result:
--------------
(gdb) bt
#0 0x008b8b76 in firebird_stmt_get_col (stmt=0x88e7b48, colno=1,
ptr=0xbfffcee8, len=0xbfffcee4,
caller_frees=0xbfffcee0) at
/root/src/php-5.3.3/ext/pdo_firebird/firebird_statement.c:273
#1 0x008b9c64 in firebird_stmt_param_hook (stmt=0x88e7b48,
param=0x88e872c,
event_type=PDO_PARAM_EVT_FETCH_POST)
at /root/src/php-5.3.3/ext/pdo_firebird/firebird_statement.c:556
#2 0x081d39d5 in dispatch_param_event (stmt=0x88e7b48,
event_type=PDO_PARAM_EVT_FETCH_POST)
at /root/src/php-5.3.3/ext/pdo/pdo_stmt.c:184
#3 0x081d554a in do_fetch_common (stmt=0x88e7b48, ori=PDO_FETCH_ORI_NEXT,
offset=0, do_bind=1)
at /root/src/php-5.3.3/ext/pdo/pdo_stmt.c:703
#4 0x081d5b5e in do_fetch (stmt=0x88e7b48, do_bind=1,
return_value=0x88e8304, how=PDO_FETCH_BOTH,
ori=PDO_FETCH_ORI_NEXT, offset=0, return_all=0x0) at
/root/src/php-5.3.3/ext/pdo/pdo_stmt.c:861
#5 0x081d7972 in zim_PDOStatement_fetchAll (ht=0, return_value=0x88e83c4,
return_value_ptr=0x0,
this_ptr=0x88e798c, return_value_used=1) at
/root/src/php-5.3.3/ext/pdo/pdo_stmt.c:1543
#6 0x08421390 in zend_do_fcall_common_helper_SPEC
(execute_data=0x89161b0)
at /root/src/php-5.3.3/Zend/zend_vm_execute.h:316
#7 0x0842194a in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER
(execute_data=0x89161b0)
at /root/src/php-5.3.3/Zend/zend_vm_execute.h:421
#8 0x08420a2d in execute (op_array=0x88e4d7c) at
/root/src/php-5.3.3/Zend/zend_vm_execute.h:107
#9 0x083f4260 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at /root/src/php-5.3.3/Zend/zend.c:1194
#10 0x0838c746 in php_execute_script (primary_file=0xbffff4dc) at
/root/src/php-5.3.3/main/main.c:2260
#11 0x084b6eef in main (argc=2, argv=0xbffff654) at
/root/src/php-5.3.3/sapi/cli/php_cli.c:1192
--
Edit bug report at http://bugs.php.net/bug.php?id=53280&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=53280&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=53280&r=trysnapshot53
Try a snapshot (trunk):
http://bugs.php.net/fix.php?id=53280&r=trysnapshottrunk
Fixed in SVN:
http://bugs.php.net/fix.php?id=53280&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=53280&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=53280&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=53280&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=53280&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=53280&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=53280&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=53280&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=53280&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=53280&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=53280&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=53280&r=php4
Daylight Savings: http://bugs.php.net/fix.php?id=53280&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=53280&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=53280&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=53280&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=53280&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=53280&r=mysqlcfg
