fmk Mon Aug 8 17:32:21 2005 EDT Modified files: /php-src/ext/mssql php_mssql.c php_mssql.h Log: Fix #32010. Leak in mssql_fetch_batch(). http://cvs.php.net/diff.php/php-src/ext/mssql/php_mssql.c?r1=1.149&r2=1.150&ty=u Index: php-src/ext/mssql/php_mssql.c diff -u php-src/ext/mssql/php_mssql.c:1.149 php-src/ext/mssql/php_mssql.c:1.150 --- php-src/ext/mssql/php_mssql.c:1.149 Wed Aug 3 10:07:28 2005 +++ php-src/ext/mssql/php_mssql.c Mon Aug 8 17:32:18 2005 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_mssql.c,v 1.149 2005/08/03 14:07:28 sniper Exp $ */ +/* $Id: php_mssql.c,v 1.150 2005/08/08 21:32:18 fmk Exp $ */ #ifdef COMPILE_DL_MSSQL #define HAVE_MSSQL 1 
@@ -994,34 +994,39 @@ if (statement->binds != NULL) { /* Maybe a non-parameter sp */ if (zend_hash_find(statement->binds, parameter, strlen(parameter), (void**)&bind)==SUCCESS) { - switch (type) { - case SQLBIT: - case SQLINT1: - case SQLINT2: - case SQLINT4: - convert_to_long_ex(&bind->zval); - /* FIXME this works only on little endian machine !!! */ - Z_LVAL_P(bind->zval) = *((int *)(dbretdata(mssql_ptr->link,i))); - break; - - case SQLFLT4: - case SQLFLT8: - case SQLFLTN: - case SQLMONEY4: - case SQLMONEY: - case SQLMONEYN: - convert_to_double_ex(&bind->zval); - Z_DVAL_P(bind->zval) = *((double *)(dbretdata(mssql_ptr->link,i))); - break; - - case SQLCHAR: - case SQLVARCHAR: - case SQLTEXT: - convert_to_string_ex(&bind->zval); - Z_STRLEN_P(bind->zval) = dbretlen(mssql_ptr->link,i); - Z_STRVAL_P(bind->zval) = estrndup(dbretdata(mssql_ptr->link,i),Z_STRLEN_P(bind->zval)); - break; - /* TODO binary */ + if (!dbretlen(mssql_ptr->link,i)) { + ZVAL_NULL(bind->zval); + } + else { + switch (type) { + case SQLBIT: + case SQLINT1: + case SQLINT2: + case SQLINT4: + convert_to_long_ex(&bind->zval); + /* FIXME this works only on little endian machine !!! */ + Z_LVAL_P(bind->zval) = *((int *)(dbretdata(mssql_ptr->link,i))); + break; + + case SQLFLT4: + case SQLFLT8: + case SQLFLTN: + case SQLMONEY4: + case SQLMONEY: + case SQLMONEYN: + convert_to_double_ex(&bind->zval); + Z_DVAL_P(bind->zval) = *((double *)(dbretdata(mssql_ptr->link,i))); + break; + + case SQLCHAR: + case SQLVARCHAR: + case SQLTEXT: + convert_to_string_ex(&bind->zval); + Z_STRLEN_P(bind->zval) = dbretlen(mssql_ptr->link,i); + Z_STRVAL_P(bind->zval) = estrndup(dbretdata(mssql_ptr->link,i),Z_STRLEN_P(bind->zval)); + break; + /* TODO binary */ + } } } else { 
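Review bot: `ZVAL_NULL(bind->zval)` in the new zero-length branch only overwrites the type tag. Unlike the `convert_to_*_ex(&bind->zval)` calls in the other cases, it neither separates the zval nor releases what it held, so a bound variable that previously held a string leaks that buffer, and a shared value would be nulled for every holder. `convert_to_null_ex(&bind->zval);` would handle both. Separately, the integer and float cases still read a full `int` or `double` from dbretdata() whatever dbretlen() reports; for SQLBIT/SQLINT1/SQLINT2 and SQLFLT4/SQLMONEY4 the returned value is presumably narrower than that, so the guard should compare the length with the size being read rather than only reject zero. The enclosing function starts and ends outside the hunk.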
@@ -1049,53 +1054,56 @@ int *column_types; char computed_buf[16]; - column_types = (int *) safe_emalloc(sizeof(int), result->num_fields, 0); - for (i=0; i<result->num_fields; i++) { - char *source = NULL; - char *fname = (char *)dbcolname(mssql_ptr->link,i+1); - - if (*fname) { - result->fields[i].name = estrdup(fname); - } else { - if (j>0) { - snprintf(computed_buf,16,"computed%d",j); + if (0==0 || !result->have_fields) { + column_types = (int *) safe_emalloc(sizeof(int), result->num_fields, 0); + for (i=0; i<result->num_fields; i++) { + char *source = NULL; + char *fname = (char *)dbcolname(mssql_ptr->link,i+1); + + if (*fname) { + result->fields[i].name = estrdup(fname); } else { - strcpy(computed_buf,"computed"); + if (j>0) { + snprintf(computed_buf,16,"computed%d",j); + } else { + strcpy(computed_buf,"computed"); + } + result->fields[i].name = estrdup(computed_buf); + j++; + } + result->fields[i].max_length = dbcollen(mssql_ptr->link,i+1); + source = (char *)dbcolsource(mssql_ptr->link,i+1); + if (source) { + result->fields[i].column_source = estrdup(source); + } + else { + result->fields[i].column_source = STR_EMPTY_ALLOC(); + } + + column_types[i] = coltype(i+1); + + Z_TYPE(result->fields[i]) = column_types[i]; + /* set numeric flag */ + switch (column_types[i]) { + case SQLINT1: + case SQLINT2: + case SQLINT4: + case SQLINTN: + case SQLFLT4: + case SQLFLT8: + case SQLNUMERIC: + case SQLDECIMAL: + result->fields[i].numeric = 1; + break; + case SQLCHAR: + case SQLVARCHAR: + case SQLTEXT: + default: + result->fields[i].numeric = 0; + break; } - result->fields[i].name = estrdup(computed_buf); - j++; - } - result->fields[i].max_length = dbcollen(mssql_ptr->link,i+1); - source = (char *)dbcolsource(mssql_ptr->link,i+1); - if (source) { - result->fields[i].column_source = estrdup(source); - } - else { - result->fields[i].column_source = STR_EMPTY_ALLOC(); - } - - column_types[i] = coltype(i+1); - - Z_TYPE(result->fields[i]) = column_types[i]; - /* set numeric 
flag */ - switch (column_types[i]) { - case SQLINT1: - case SQLINT2: - case SQLINT4: - case SQLINTN: - case SQLFLT4: - case SQLFLT8: - case SQLNUMERIC: - case SQLDECIMAL: - result->fields[i].numeric = 1; - break; - case SQLCHAR: - case SQLVARCHAR: - case SQLTEXT: - default: - result->fields[i].numeric = 0; - break; } + result->have_fields = 1; } i=0; @@ -1110,7 +1118,7 @@ result->data[i] = (zval *) safe_emalloc(sizeof(zval), result->num_fields, 0); for (j=0; j<result->num_fields; j++) { INIT_ZVAL(result->data[i][j]); - MS_SQL_G(get_column_content(mssql_ptr, j+1, &result->data[i][j], column_types[j] TSRMLS_CC)); + MS_SQL_G(get_column_content(mssql_ptr, j+1, &result->data[i][j], Z_TYPE(result->fields[j]) TSRMLS_CC)); } if (i<result->batchsize || result->batchsize==0) { i++; @@ -1229,6 +1237,7 @@ result->blocks_initialized = 0; result->mssql_ptr = mssql_ptr; result->cur_field=result->cur_row=result->num_rows=0; + result->have_fields = 0; result->fields = (mssql_field *) safe_emalloc(sizeof(mssql_field), result->num_fields, 0); result->num_rows = _mssql_fetch_batch(mssql_ptr, result, retvalue TSRMLS_CC); http://cvs.php.net/diff.php/php-src/ext/mssql/php_mssql.h?r1=1.41&r2=1.42&ty=u Index: php-src/ext/mssql/php_mssql.h diff -u php-src/ext/mssql/php_mssql.h:1.41 php-src/ext/mssql/php_mssql.h:1.42 --- php-src/ext/mssql/php_mssql.h:1.41 Wed Aug 3 10:07:28 2005 +++ php-src/ext/mssql/php_mssql.h Mon Aug 8 17:32:18 2005 @@ -17,7 +17,7 @@ */ -/* $Id: php_mssql.h,v 1.41 2005/08/03 14:07:28 sniper Exp $ */ +/* $Id: php_mssql.h,v 1.42 2005/08/08 21:32:18 fmk Exp $ */ #ifndef PHP_MSSQL_H #define PHP_MSSQL_H @@ -188,7 +188,7 @@ int lastresult; int blocks_initialized; int cur_row,cur_field; - int num_rows,num_fields; + int num_rows,num_fields,have_fields; } mssql_result;
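Review bot: The condition `if (0==0 || !result->have_fields)` is always true, so the new `have_fields` flag never skips the block. Every call still runs the `estrdup()` assignments to `result->fields[i].name` and `column_source` without freeing the previous strings, which looks like the leak the log message refers to. This reads like a leftover debugging override; `if (!result->have_fields) {` is what the flag implies. Once the block can actually be skipped, `column_types` is left uninitialised on that path, so declare it as `int *column_types = NULL;` and check any later `efree(column_types)`, which is not visible here because the function continues outside the hunk.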
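Review bot: `Z_TYPE(result->fields[j])` in the get_column_content() call applies a zval accessor to an `mssql_field`, which presumably compiles only because the macro expands to a plain `.type` member access. The same idiom appears where the type is stored, in `Z_TYPE(result->fields[i]) = column_types[i];`. Reading the member directly, as `result->fields[j].type`, says what is meant and does not depend on how the Zend macro expands. The `mssql_field` definition is not shown in this diff, so confirm the member name against php_mssql.h.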