[PHP-CVS] cvs: php-src(PHP_5_3) /ext/pdo pdo_dbh.c

Thu, 21 Feb 2008 05:38:04 -0800 

iliaa           Thu Feb 21 13:37:21 2008 UTC

  Modified files:              (Branch: PHP_5_3)
    /php-src/ext/pdo    pdo_dbh.c 
  Log:
  Fixed bug #44189 (PDO setAttribute() does not properly validate values for 
  native numeric options)
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_dbh.c?r1=1.82.2.31.2.17.2.5&r2=1.82.2.31.2.17.2.6&diff_format=u
Index: php-src/ext/pdo/pdo_dbh.c
diff -u php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.17.2.5 
php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.17.2.6
--- php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.17.2.5        Tue Feb 19 12:13:20 2008
+++ php-src/ext/pdo/pdo_dbh.c   Thu Feb 21 13:37:21 2008
@@ -18,7 +18,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: pdo_dbh.c,v 1.82.2.31.2.17.2.5 2008/02/19 12:13:20 felipe Exp $ */
+/* $Id: pdo_dbh.c,v 1.82.2.31.2.17.2.6 2008/02/21 13:37:21 iliaa Exp $ */
 
 /* The PDO Database Handle Class */
 
@@ -669,8 +669,17 @@
 
 static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value 
TSRMLS_DC) /* {{{ */
 {
+
+#define PDO_LONG_PARAM_CHECK \
+       if (Z_TYPE_P(value) != IS_LONG && Z_TYPE_P(value) != IS_STRING && 
Z_TYPE_P(value) != IS_BOOL) { \
+               pdo_raise_impl_error(dbh, NULL, "HY000", "attribute value must 
be an integer" TSRMLS_CC); \
+               PDO_HANDLE_DBH_ERR(); \
+               return FAILURE; \
+       } \
+
        switch (attr) {
                case PDO_ATTR_ERRMODE:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        switch (Z_LVAL_P(value)) {
                                case PDO_ERRMODE_SILENT:
@@ -686,6 +695,7 @@
                        return FAILURE;
 
                case PDO_ATTR_CASE:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        switch (Z_LVAL_P(value)) {
                                case PDO_CASE_NATURAL:
@@ -701,6 +711,7 @@
                        return FAILURE;
 
                case PDO_ATTR_ORACLE_NULLS:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        dbh->oracle_nulls = Z_LVAL_P(value);
                        return SUCCESS;
@@ -714,6 +725,8 @@
                                                return FAILURE;
                                        }
                                }
+                       } else {
+                               PDO_LONG_PARAM_CHECK;
                        }
                        convert_to_long(value);
                        if (Z_LVAL_P(value) == PDO_FETCH_USE_DEFAULT) {
@@ -724,6 +737,7 @@
                        return SUCCESS;
 
                case PDO_ATTR_STRINGIFY_FETCHES:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        dbh->stringify = Z_LVAL_P(value) ? 1 : 0;
                        return SUCCESS;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to