iliaa Tue Mar 6 00:52:55 2007 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/pdo pdo_sql_parser.c pdo_sql_parser.re /php-src NEWS Log: Fixed bug #40417 (Allow multiple instances of the same named PDO token in prepared statement emulation code). http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_sql_parser.c?r1=1.35.2.6.2.10&r2=1.35.2.6.2.11&diff_format=u Index: php-src/ext/pdo/pdo_sql_parser.c diff -u php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.10 php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.11 --- php-src/ext/pdo/pdo_sql_parser.c:1.35.2.6.2.10 Fri Feb 2 00:03:33 2007 +++ php-src/ext/pdo/pdo_sql_parser.c Tue Mar 6 00:52:55 2007 @@ -1,4 +1,4 @@ -/* Generated by re2c 0.11.0 on Thu Feb 1 19:01:11 2007 */ +/* Generated by re2c 0.11.0 on Mon Mar 5 19:42:28 2007 */ #line 1 "ext/pdo/pdo_sql_parser.re" /* +----------------------------------------------------------------------+ @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: pdo_sql_parser.c,v 1.35.2.6.2.10 2007/02/02 00:03:33 iliaa Exp $ */ +/* $Id: pdo_sql_parser.c,v 1.35.2.6.2.11 2007/03/06 00:52:55 iliaa Exp $ */ #include "php.h" #include "php_pdo_driver.h" @@ -280,13 +280,25 @@ } if (params && bindno != zend_hash_num_elements(params) && stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) { + /* extra bit of validation for instances when same params are bound more then once */ + if (query_type != PDO_PLACEHOLDER_POSITIONAL && bindno > zend_hash_num_elements(params)) { + int ok = 1; + for (plc = placeholders; plc; plc = plc->next) { + if (zend_hash_find(params, plc->pos, plc->len, (void**) ¶m) == FAILURE) { + ok = 0; + break; + } + } + if (ok) { + goto safe; + } + } pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "number of bound variables does not match number of tokens" TSRMLS_CC); ret = -1; goto clean_up; } - +safe: /* what are we going to do ? */ - if (stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) { /* query generation */ http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_sql_parser.re?r1=1.28.2.4.2.7&r2=1.28.2.4.2.8&diff_format=u Index: php-src/ext/pdo/pdo_sql_parser.re diff -u php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.7 php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.8 --- php-src/ext/pdo/pdo_sql_parser.re:1.28.2.4.2.7 Thu Feb 1 00:12:39 2007 +++ php-src/ext/pdo/pdo_sql_parser.re Tue Mar 6 00:52:55 2007 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: pdo_sql_parser.re,v 1.28.2.4.2.7 2007/02/01 00:12:39 iliaa Exp $ */ +/* $Id: pdo_sql_parser.re,v 1.28.2.4.2.8 2007/03/06 00:52:55 iliaa Exp $ */ #include "php.h" #include "php_pdo_driver.h" @@ -155,13 +155,25 @@ } if (params && bindno != zend_hash_num_elements(params) && stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) { + /* extra bit of validation for instances when same params are bound more then once */ + if (query_type != PDO_PLACEHOLDER_POSITIONAL && bindno > zend_hash_num_elements(params)) { + int ok = 1; + for (plc = placeholders; plc; plc = plc->next) { + if (zend_hash_find(params, plc->pos, plc->len, (void**) ¶m) == FAILURE) { + ok = 0; + break; + } + } + if (ok) { + goto safe; + } + } pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "number of bound variables does not match number of tokens" TSRMLS_CC); ret = -1; goto clean_up; } - +safe: /* what are we going to do ? */ - if (stmt->supports_placeholders == PDO_PLACEHOLDER_NONE) { /* query generation */ http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.574&r2=1.2027.2.547.2.575&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.574 php-src/NEWS:1.2027.2.547.2.575 --- php-src/NEWS:1.2027.2.547.2.574 Mon Mar 5 15:49:00 2007 +++ php-src/NEWS Tue Mar 6 00:52:55 2007 @@ -52,6 +52,8 @@ - Fixed bug #40451 (addAttribute() may crash when used with non-existent child node). (Tony) - Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre) +- Fixed bug #40417 (Allow multiple instances of the same named PDO token in + prepared statement emulation code). (Ilia) - Fixed bug #40414 (possible endless fork() loop when running fastcgi). (Dmitry) - Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php