ID:               28679
 Updated by:       [EMAIL PROTECTED]
 Reported By:      bmr at comtime dot com
-Status:           Feedback
+Status:           No Feedback
 Bug Type:         Sybase (dblib) related
 Operating System: Linux
 PHP Version:      4.3.4
 New Comment:

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".


Previous Comments:
------------------------------------------------------------------------

[2004-07-14 14:10:33] [EMAIL PROTECTED]

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip



------------------------------------------------------------------------

[2004-06-07 20:25:41] bmr at comtime dot com

Description:
------------
There is a bug with php_sybase_get_column_content().  This is observed
when you take a datetime column result and pass it into strtotime(). 
The problem seems to be related to the string not being null
terminated.  Here is the part of the function with the problem:

switch (coltype(offset)) {
  case SYBBINARY:
  case SYBVARBINARY:
  case SYBIMAGE:
    res_length *= 2;
    break;
  case SYBCHAR:
  case SYBVARCHAR:
  case SYBTEXT:
    break;
  default:
  /* take no chances, no telling how big the result would really be */
    res_length += 20;
    break;
}

res_buf = (char *) emalloc(res_length+1);
memset(res_buf,' ',res_length+1);  /* XXX i'm sure there's a better
way
                                                                       
                                  but i don't have sybase here to test
                                                                       
                                  991105 thies<at>thieso.net  */
                               
dbconvert(NULL,coltype(offset),dbdata(sybase_ptr->link,offset),
src_length,SYBCHAR,res_buf,res_length);
Z_STRLEN_P(result) = res_length;
Z_STRVAL_P(result) = res_buf;
Z_TYPE_P(result) = IS_STRING;

------------------------------ end code ------------------

This does not null terminate the string coming back which causes
problems.  I would have thought that since the length is stored with
the value the PHP would honor that and not go beyond that boundary, but
this does not appear to be the case.  Adding this line after dbconvert()
seems to fix the problem:
res_buf[res_length] = '\0';

But the whole "res_length += 20" thing scares me a little as well.

Reproduce code:
---------------
See description.  It would be hard to reproduce without setting up a
database, etc.

Expected result:
----------------
strtotime() returns 0.



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=28679&edit=1

Reply via email to