tony2001 Mon Oct 10 16:03:01 2005 EDT
Modified files: (Branch: PHP_5_1)
/php-src NEWS
/php-src/ext/mysqli mysqli.c mysqli_warning.c
Log:
fix #34818 (new mysqli_stmt() and several others crash if the first parameter
is not a valid mysqli_link)
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.2027.2.113&r2=1.2027.2.114&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.113 php-src/NEWS:1.2027.2.114
--- php-src/NEWS:1.2027.2.113 Mon Oct 10 10:44:16 2005
+++ php-src/NEWS Mon Oct 10 16:02:58 2005
@@ -43,6 +43,8 @@
- Fixed "make test" to work for phpized extensions. (Hartmut, Jani)
- Fixed failing queries (FALSE returned) with mysqli_query() on 64 bit systems.
(Andrey)
+- Fixed bug #34818 (several functions crash when invalid mysqli_link object
+ is passed). (Tony)
- Fixed bug #34810 (mysqli::init() and others use wrong $this pointer
without checks). (Tony)
- Fixed bug #34809 (FETCH_INTO in PDO crashes without a destination object).
http://cvs.php.net/diff.php/php-src/ext/mysqli/mysqli.c?r1=1.72.2.2&r2=1.72.2.3&ty=u
Index: php-src/ext/mysqli/mysqli.c
diff -u php-src/ext/mysqli/mysqli.c:1.72.2.2
php-src/ext/mysqli/mysqli.c:1.72.2.3
--- php-src/ext/mysqli/mysqli.c:1.72.2.2 Sat Oct 8 11:08:03 2005
+++ php-src/ext/mysqli/mysqli.c Mon Oct 10 16:02:59 2005
@@ -15,7 +15,7 @@
| Author: Georg Richter <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
- $Id: mysqli.c,v 1.72.2.2 2005/10/08 15:08:03 georg Exp $
+ $Id: mysqli.c,v 1.72.2.3 2005/10/10 20:02:59 tony2001 Exp $
*/
#ifdef HAVE_CONFIG_H
@@ -652,33 +652,34 @@
ZEND_FUNCTION(mysqli_stmt_construct)
{
MY_MYSQL *mysql;
- zval **mysql_link, **statement;
+ zval *mysql_link;
MY_STMT *stmt;
MYSQLI_RESOURCE *mysqli_resource;
+ char *statement;
+ int stmt_len;
switch (ZEND_NUM_ARGS())
{
case 1: /* mysql_stmt_init */
- if (zend_get_parameters_ex(1, &mysql_link)==FAILURE) {
+ if (zend_parse_parameters(1, "O", &mysql_link,
mysqli_link_class_entry)==FAILURE) {
return;
}
- MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, mysql_link,
"mysqli_link");
+ MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link,
"mysqli_link");
stmt = (MY_STMT *)ecalloc(1,sizeof(MY_STMT));
stmt->stmt = mysql_stmt_init(mysql->mysql);
break;
case 2:
- if (zend_get_parameters_ex(2, &mysql_link,
&statement)==FAILURE) {
+ if (zend_parse_parameters(2, "Os", &mysql_link,
mysqli_link_class_entry, &statement, &stmt_len)==FAILURE) {
return;
}
- MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, mysql_link,
"mysqli_link");
- convert_to_string_ex(statement);
+ MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link,
"mysqli_link");
stmt = (MY_STMT *)ecalloc(1,sizeof(MY_STMT));
if ((stmt->stmt = mysql_stmt_init(mysql->mysql))) {
- mysql_stmt_prepare(stmt->stmt,
Z_STRVAL_PP(statement), strlen(Z_STRVAL_PP(statement)));
+ mysql_stmt_prepare(stmt->stmt, statement,
stmt_len);
}
break;
default:
@@ -708,27 +709,26 @@
{
MY_MYSQL *mysql;
MYSQL_RES *result;
- zval **mysql_link, **mode;
+ zval *mysql_link;
MYSQLI_RESOURCE *mysqli_resource;
- int resmode = MYSQLI_STORE_RESULT;
+ long resmode = MYSQLI_STORE_RESULT;
switch (ZEND_NUM_ARGS()) {
case 1:
- if (zend_get_parameters_ex(1, &mysql_link)==FAILURE) {
+ if (zend_parse_parameters(1, "O", &mysql_link,
mysqli_link_class_entry)==FAILURE) {
return;
}
break;
case 2:
- if (zend_get_parameters_ex(2, &mysql_link, &mode)==FAILURE) {
+ if (zend_parse_parameters(2, "Ol", &mysql_link,
mysqli_link_class_entry, &resmode)==FAILURE) {
return;
}
- resmode = Z_LVAL_PP(mode);
break;
default:
WRONG_PARAM_COUNT;
}
- MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, mysql_link, "mysqli_link");
+ MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link");
result = (resmode == MYSQLI_STORE_RESULT) ?
mysql_store_result(mysql->mysql) :
mysql_use_result(mysql->mysql);
http://cvs.php.net/diff.php/php-src/ext/mysqli/mysqli_warning.c?r1=1.5.2.1&r2=1.5.2.2&ty=u
Index: php-src/ext/mysqli/mysqli_warning.c
diff -u php-src/ext/mysqli/mysqli_warning.c:1.5.2.1
php-src/ext/mysqli/mysqli_warning.c:1.5.2.2
--- php-src/ext/mysqli/mysqli_warning.c:1.5.2.1 Mon Oct 10 08:57:55 2005
+++ php-src/ext/mysqli/mysqli_warning.c Mon Oct 10 16:03:00 2005
@@ -166,7 +166,7 @@
/* {{{ mysqli_warning_construct(object obj) */
PHP_METHOD(mysqli_warning, __construct)
{
- zval **z;
+ zval *z;
mysqli_object *obj;
MYSQL *hdl;
MYSQLI_WARNING *w;
@@ -175,18 +175,18 @@
if (ZEND_NUM_ARGS() != 1) {
WRONG_PARAM_COUNT;
}
- if (zend_get_parameters_ex(1, &z)==FAILURE) {
+ if (zend_parse_parameters(1, "o", &z)==FAILURE) {
return;
}
- obj = (mysqli_object *)zend_object_store_get_object(*(z) TSRMLS_CC);\
+ obj = (mysqli_object *)zend_object_store_get_object(z TSRMLS_CC);\
if (obj->zo.ce == mysqli_link_class_entry) {
MY_MYSQL *mysql;
- MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, z, "mysqli_link");
+ MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &z, "mysqli_link");
hdl = mysql->mysql;
} else if (obj->zo.ce == mysqli_stmt_class_entry) {
MY_STMT *stmt;
- MYSQLI_FETCH_RESOURCE(stmt, MY_STMT *, z, "mysqli_stmt");
+ MYSQLI_FETCH_RESOURCE(stmt, MY_STMT *, &z, "mysqli_stmt");
hdl = stmt->stmt->mysql;
} else {
RETURN_FALSE;
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
