felipe Mon, 12 Oct 2009 17:09:11 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=289581
Log: - Fixed PDORow and PDOStatement crashes when instantiating throught Reflection Changed paths: U php/php-src/branches/PHP_5_2/Zend/zend_objects.c U php/php-src/branches/PHP_5_2/ext/pdo/pdo_dbh.c U php/php-src/branches/PHP_5_2/ext/pdo/pdo_stmt.c A php/php-src/branches/PHP_5_2/ext/pdo/tests/pdo_036.phpt U php/php-src/branches/PHP_5_3/Zend/zend_objects.c U php/php-src/branches/PHP_5_3/ext/pdo/pdo_dbh.c U php/php-src/branches/PHP_5_3/ext/pdo/pdo_stmt.c A php/php-src/branches/PHP_5_3/ext/pdo/tests/pdo_036.phpt U php/php-src/trunk/Zend/zend_objects.c U php/php-src/trunk/ext/pdo/pdo_dbh.c U php/php-src/trunk/ext/pdo/pdo_stmt.c A php/php-src/trunk/ext/pdo/tests/pdo_036.phpt
Modified: php/php-src/branches/PHP_5_2/Zend/zend_objects.c =================================================================== --- php/php-src/branches/PHP_5_2/Zend/zend_objects.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_2/Zend/zend_objects.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -49,7 +49,7 @@ ZEND_API void zend_objects_destroy_object(zend_object *object, zend_object_handle handle TSRMLS_DC) { - zend_function *destructor = object->ce->destructor; + zend_function *destructor = object ? object->ce->destructor : NULL; if (destructor) { zval *obj; Modified: php/php-src/branches/PHP_5_2/ext/pdo/pdo_dbh.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/pdo/pdo_dbh.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_2/ext/pdo/pdo_dbh.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -110,7 +110,7 @@ char *message = NULL; zval *info = NULL; - if (dbh->error_mode == PDO_ERRMODE_SILENT) { + if (dbh == NULL || dbh->error_mode == PDO_ERRMODE_SILENT) { return; } Modified: php/php-src/branches/PHP_5_2/ext/pdo/pdo_stmt.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/pdo/pdo_stmt.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_2/ext/pdo/pdo_stmt.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -2597,27 +2597,29 @@ MAKE_STD_ZVAL(return_value); RETVAL_NULL(); - - if (Z_TYPE_P(member) == IS_LONG) { - if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { - fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); - } - } else { - convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); - return_value->refcount = 0; - return_value->is_ref = 0; - return return_value; + + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { + fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); } + } else { + convert_to_string(member); + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); + return_value->refcount = 0; + return_value->is_ref = 0; + return return_value; + } + } + if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { + zval_ptr_dtor(&return_value); + return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); + } } - if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { - zval_ptr_dtor(&return_value); - return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); - } } return_value->refcount = 0; @@ -2636,16 +2638,18 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int colno = -1; - if (Z_TYPE_P(member) == IS_LONG) { - return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; - } else { - convert_to_string(member); + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; + } else { + convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - return 1; + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + return 1; + } } } } @@ -2663,6 +2667,10 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int i; + if (stmt == NULL) { + return NULL; + } + for (i = 0; i < stmt->column_count; i++) { zval *val; MAKE_STD_ZVAL(val); Added: php/php-src/branches/PHP_5_2/ext/pdo/tests/pdo_036.phpt =================================================================== --- php/php-src/branches/PHP_5_2/ext/pdo/tests/pdo_036.phpt (rev 0) +++ php/php-src/branches/PHP_5_2/ext/pdo/tests/pdo_036.phpt 2009-10-12 17:09:11 UTC (rev 289581) @@ -0,0 +1,21 @@ +--TEST-- +Testing PDORow and PDOStatement instances with Reflection +--FILE-- +<?php + +$instance = new reflectionclass('pdorow'); +$x = $instance->newInstance(); +var_dump($x); + +$instance = new reflectionclass('pdostatement'); +$x = $instance->newInstance(); +var_dump($x); + +?> +--EXPECTF-- +object(PDORow)#%d (0) { +} +object(PDOStatement)#%d (1) { + [%u|b%"queryString"]=> + NULL +} Property changes on: php/php-src/branches/PHP_5_2/ext/pdo/tests/pdo_036.phpt ___________________________________________________________________ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native Modified: php/php-src/branches/PHP_5_3/Zend/zend_objects.c =================================================================== --- php/php-src/branches/PHP_5_3/Zend/zend_objects.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_3/Zend/zend_objects.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -49,7 +49,7 @@ ZEND_API void zend_objects_destroy_object(zend_object *object, zend_object_handle handle TSRMLS_DC) { - zend_function *destructor = object->ce->destructor; + zend_function *destructor = object ? object->ce->destructor : NULL; if (destructor) { zval *obj; Modified: php/php-src/branches/PHP_5_3/ext/pdo/pdo_dbh.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo/pdo_dbh.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_3/ext/pdo/pdo_dbh.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -110,7 +110,7 @@ char *message = NULL; zval *info = NULL; - if (dbh->error_mode == PDO_ERRMODE_SILENT) { + if (dbh == NULL || dbh->error_mode == PDO_ERRMODE_SILENT) { return; } Modified: php/php-src/branches/PHP_5_3/ext/pdo/pdo_stmt.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo/pdo_stmt.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/branches/PHP_5_3/ext/pdo/pdo_stmt.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -2663,27 +2663,29 @@ MAKE_STD_ZVAL(return_value); RETVAL_NULL(); - - if (Z_TYPE_P(member) == IS_LONG) { - if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { - fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); - } - } else { - convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); - Z_SET_REFCOUNT_P(return_value, 0); - Z_UNSET_ISREF_P(return_value); - return return_value; + + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { + fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); } + } else { + convert_to_string(member); + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); + Z_SET_REFCOUNT_P(return_value, 0); + Z_UNSET_ISREF_P(return_value); + return return_value; + } + } + if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { + zval_ptr_dtor(&return_value); + return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); + } } - if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { - zval_ptr_dtor(&return_value); - return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); - } } Z_SET_REFCOUNT_P(return_value, 0); @@ -2702,16 +2704,18 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int colno = -1; - if (Z_TYPE_P(member) == IS_LONG) { - return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; - } else { - convert_to_string(member); + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; + } else { + convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - return 1; + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + return 1; + } } } } @@ -2729,6 +2733,10 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int i; + if (stmt == NULL) { + return NULL; + } + for (i = 0; i < stmt->column_count; i++) { zval *val; MAKE_STD_ZVAL(val); Added: php/php-src/branches/PHP_5_3/ext/pdo/tests/pdo_036.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo/tests/pdo_036.phpt (rev 0) +++ php/php-src/branches/PHP_5_3/ext/pdo/tests/pdo_036.phpt 2009-10-12 17:09:11 UTC (rev 289581) @@ -0,0 +1,21 @@ +--TEST-- +Testing PDORow and PDOStatement instances with Reflection +--FILE-- +<?php + +$instance = new reflectionclass('pdorow'); +$x = $instance->newInstance(); +var_dump($x); + +$instance = new reflectionclass('pdostatement'); +$x = $instance->newInstance(); +var_dump($x); + +?> +--EXPECTF-- +object(PDORow)#%d (0) { +} +object(PDOStatement)#%d (1) { + [%u|b%"queryString"]=> + NULL +} Property changes on: php/php-src/branches/PHP_5_3/ext/pdo/tests/pdo_036.phpt ___________________________________________________________________ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native Modified: php/php-src/trunk/Zend/zend_objects.c =================================================================== --- php/php-src/trunk/Zend/zend_objects.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/trunk/Zend/zend_objects.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -51,7 +51,7 @@ ZEND_API void zend_objects_destroy_object(zend_object *object, zend_object_handle handle TSRMLS_DC) /* {{{ */ { - zend_function *destructor = object->ce->destructor; + zend_function *destructor = object ? object->ce->destructor : NULL; if (destructor) { zval *obj; Modified: php/php-src/trunk/ext/pdo/pdo_dbh.c =================================================================== --- php/php-src/trunk/ext/pdo/pdo_dbh.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/trunk/ext/pdo/pdo_dbh.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -110,7 +110,7 @@ char *message = NULL; zval *info = NULL; - if (dbh->error_mode == PDO_ERRMODE_SILENT) { + if (dbh == NULL || dbh->error_mode == PDO_ERRMODE_SILENT) { return; } Modified: php/php-src/trunk/ext/pdo/pdo_stmt.c =================================================================== --- php/php-src/trunk/ext/pdo/pdo_stmt.c 2009-10-12 17:00:27 UTC (rev 289580) +++ php/php-src/trunk/ext/pdo/pdo_stmt.c 2009-10-12 17:09:11 UTC (rev 289581) @@ -2673,27 +2673,29 @@ MAKE_STD_ZVAL(return_value); RETVAL_NULL(); - - if (Z_TYPE_P(member) == IS_LONG) { - if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { - fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); - } - } else { - convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); - Z_SET_REFCOUNT_P(return_value, 0); - Z_UNSET_ISREF_P(return_value); - return return_value; + + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + if (Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count) { + fetch_value(stmt, return_value, Z_LVAL_P(member), NULL TSRMLS_CC); } + } else { + convert_to_string(member); + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + fetch_value(stmt, return_value, colno, NULL TSRMLS_CC); + Z_SET_REFCOUNT_P(return_value, 0); + Z_UNSET_ISREF_P(return_value); + return return_value; + } + } + if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { + zval_ptr_dtor(&return_value); + return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); + } } - if (strcmp(Z_STRVAL_P(member), "queryString") == 0) { - zval_ptr_dtor(&return_value); - return std_object_handlers.read_property(object, member, IS_STRING TSRMLS_CC); - } } Z_SET_REFCOUNT_P(return_value, 0); @@ -2712,16 +2714,18 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int colno = -1; - if (Z_TYPE_P(member) == IS_LONG) { - return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; - } else { - convert_to_string(member); + if (stmt) { + if (Z_TYPE_P(member) == IS_LONG) { + return Z_LVAL_P(member) >= 0 && Z_LVAL_P(member) < stmt->column_count; + } else { + convert_to_string(member); - /* TODO: replace this with a hash of available column names to column - * numbers */ - for (colno = 0; colno < stmt->column_count; colno++) { - if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { - return 1; + /* TODO: replace this with a hash of available column names to column + * numbers */ + for (colno = 0; colno < stmt->column_count; colno++) { + if (strcmp(stmt->columns[colno].name, Z_STRVAL_P(member)) == 0) { + return 1; + } } } } @@ -2739,6 +2743,10 @@ pdo_stmt_t * stmt = (pdo_stmt_t *) zend_object_store_get_object(object TSRMLS_CC); int i; + if (stmt == NULL) { + return NULL; + } + for (i = 0; i < stmt->column_count; i++) { zval *val; MAKE_STD_ZVAL(val); Added: php/php-src/trunk/ext/pdo/tests/pdo_036.phpt =================================================================== --- php/php-src/trunk/ext/pdo/tests/pdo_036.phpt (rev 0) +++ php/php-src/trunk/ext/pdo/tests/pdo_036.phpt 2009-10-12 17:09:11 UTC (rev 289581) @@ -0,0 +1,21 @@ +--TEST-- +Testing PDORow and PDOStatement instances with Reflection +--FILE-- +<?php + +$instance = new reflectionclass('pdorow'); +$x = $instance->newInstance(); +var_dump($x); + +$instance = new reflectionclass('pdostatement'); +$x = $instance->newInstance(); +var_dump($x); + +?> +--EXPECTF-- +object(PDORow)#%d (0) { +} +object(PDOStatement)#%d (1) { + [%u|b%"queryString"]=> + NULL +} Property changes on: php/php-src/trunk/ext/pdo/tests/pdo_036.phpt ___________________________________________________________________ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php