From: tony2001 at phpclub dot net
Operating system: Linux
PHP version: 5CVS-2006-06-06 (CVS)
PHP Bug Type: PDO related
Bug description: valgrind reports invalid reads in PDO::errorCode()

Description:
------------
==22003== Invalid read of size 1
==22003==    at 0x4906752: strlen (mac_replace_strmem.c:243)
==22003==    by 0x4F776E: zim_PDO_errorCode (pdo_dbh.c:955)
==22003==    by 0x69B845: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==22003==    by 0x69B072: execute (zend_vm_execute.h:92)
==22003==    by 0x67A634: zend_execute_scripts (zend.c:1100)
==22003==    by 0x632AC0: php_execute_script (main.c:1747)
==22003==    by 0x70130D: main (php_cli.c:1089)
==22003==  Address 0x730A474 is 148 bytes inside a block of size 344 free'd
==22003==    at 0x49055DD: free (vg_replace_malloc.c:235)
==22003==    by 0x697867: zend_objects_store_del_ref_by_handle (zend_objects_API.c:196)
==22003==    by 0x69787D: zend_objects_store_del_ref (zend_objects_API.c:158)
==22003==    by 0x4F7B4F: zim_PDO_query (zend_variables.h:35)
==22003==    by 0x69B845: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==22003==    by 0x69B072: execute (zend_vm_execute.h:92)
==22003==    by 0x67A634: zend_execute_scripts (zend.c:1100)
==22003==    by 0x632AC0: php_execute_script (main.c:1747)
==22003==    by 0x70130D: main (php_cli.c:1089)

==22003== Invalid read of size 1
==22003==    at 0x4906AF7: memcpy (mac_replace_strmem.c:394)
==22003==    by 0x65D557: zend_strndup (zend_alloc.c:439)
==22003==    by 0x4F7710: zim_PDO_errorCode (pdo_dbh.c:958)
==22003==    by 0x69B845: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==22003==    by 0x69B072: execute (zend_vm_execute.h:92)
==22003==    by 0x67A634: zend_execute_scripts (zend.c:1100)
==22003==    by 0x632AC0: php_execute_script (main.c:1747)
==22003==    by 0x70130D: main (php_cli.c:1089)
==22003==  Address 0x730A478 is 152 bytes inside a block of size 344 free'd
==22003==    at 0x49055DD: free (vg_replace_malloc.c:235)
==22003==    by 0x697867: zend_objects_store_del_ref_by_handle (zend_objects_API.c:196)
==22003==    by 0x69787D: zend_objects_store_del_ref (zend_objects_API.c:158)
==22003==    by 0x4F7B4F: zim_PDO_query (zend_variables.h:35)
==22003==    by 0x69B845: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:200)
==22003==    by 0x69B072: execute (zend_vm_execute.h:92)
==22003==    by 0x67A634: zend_execute_scripts (zend.c:1100)
==22003==    by 0x632AC0: php_execute_script (main.c:1747)
==22003==    by 0x70130D: main (php_cli.c:1089)

Note that PDO::query() *destroys* statement object as well as statement
handle when query fails.
So PDO::errorCode() operates on already destroyed statement handle.

Reproduce code:
---------------
See ext/pdo/tests/bug_34687.phpt.
I've reproduced it with sqlite2::memory, but that shouldn't matter.

Expected result:
----------------
No invalid reads?

--
Edit bug report at http://bugs.php.net/?id=37709&edit=1
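
The lifetime problem described in the report above, as an added C model that is not part of the original report or of PHP's source. Every struct, function and field name is hypothetical, a static slot stands in for the freed heap block so the stale read can be observed without undefined behaviour, and the hardened variant is one possible mitigation, not necessarily the fix PHP applied.

```c
#include <string.h>

/* Constructed model, not PHP source: all names here are hypothetical. */
typedef struct { int live; char error_code[6]; } stmt_t;
typedef struct { char error_code[6]; stmt_t *query_stmt; } dbh_t;

/* Static storage stands in for the heap block, so reading through a
 * stale pointer is well defined here and its effect can be checked. */
static stmt_t slot;

static stmt_t *stmt_new(void) {
    slot.live = 1;
    strcpy(slot.error_code, "00000");
    return &slot;
}

/* Stands in for free(): marks the slot dead and poisons its contents. */
static void stmt_destroy(stmt_t *s) {
    s->live = 0;
    memset(s->error_code, 'X', 5);
    s->error_code[5] = '\0';
}

/* Failing query as the report describes it: the statement is destroyed
 * while the handle still points at it. */
void query_fail_buggy(dbh_t *h) {
    stmt_t *s = stmt_new();
    strcpy(s->error_code, "HY000");   /* driver records the failure */
    h->query_stmt = s;
    stmt_destroy(s);                  /* h->query_stmt is now stale */
}

/* Hardened: keep the error state on the handle and drop the pointer
 * before the statement goes away. */
void query_fail_fixed(dbh_t *h) {
    stmt_t *s = stmt_new();
    strcpy(s->error_code, "HY000");
    memcpy(h->error_code, s->error_code, sizeof h->error_code);
    h->query_stmt = NULL;
    stmt_destroy(s);
}

/* errorCode(): uses the last query statement's code when one is attached. */
const char *error_code(const dbh_t *h) {
    return h->query_stmt ? h->query_stmt->error_code : h->error_code;
}
```

With a real allocator the poisoned read in the buggy path is the "Invalid read ... inside a block ... free'd" that valgrind reports above.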
