felipe Mon, 12 Oct 2009 19:04:00 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=289587
Log:
- Fixed possible crash when calling SQLiteDatabase::{ArrayQuery, SingleQuery}
methods using Reflection
Changed paths:
U php/php-src/branches/PHP_5_2/ext/sqlite/sqlite.c
A
php/php-src/branches/PHP_5_2/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
U php/php-src/branches/PHP_5_3/ext/sqlite/sqlite.c
A
php/php-src/branches/PHP_5_3/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
U php/php-src/trunk/ext/sqlite/sqlite.c
A php/php-src/trunk/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
Modified: php/php-src/branches/PHP_5_2/ext/sqlite/sqlite.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/sqlite/sqlite.c 2009-10-12 18:53:41 UTC
(rev 289586)
+++ php/php-src/branches/PHP_5_2/ext/sqlite/sqlite.c 2009-10-12 19:04:00 UTC
(rev 289587)
@@ -125,7 +125,7 @@
}
#define PHP_SQLITE_EMPTY_QUERY \
- if (!sql_len) { \
+ if (!sql_len || !*sql) { \
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute
empty query."); \
RETURN_FALSE; \
}
Added:
php/php-src/branches/PHP_5_2/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
===================================================================
---
php/php-src/branches/PHP_5_2/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
(rev 0)
+++
php/php-src/branches/PHP_5_2/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
2009-10-12 19:04:00 UTC (rev 289587)
@@ -0,0 +1,23 @@
+--TEST--
+Testing SQLiteDatabase::ArrayQuery with NULL-byte string
+--SKIPIF--
+<?php
+if (!extension_loaded("sqlite")) print "skip";
+?>
+--FILE--
+<?php
+
+$method = new ReflectionMethod('sqlitedatabase::arrayquery');
+
+$class = $method->getDeclaringClass()->newInstanceArgs(array(':memory:'));
+
+$p = "\0";
+
+$method->invokeArgs($class, array_fill(0, 2, $p));
+$method->invokeArgs($class, array_fill(0, 1, $p));
+
+?>
+--EXPECTF--
+Warning: SQLiteDatabase::arrayQuery() expects parameter 2 to be long, string
given in %s on line %d
+
+Warning: SQLiteDatabase::arrayQuery(): Cannot execute empty query. in %s on
line %d
Property changes on:
php/php-src/branches/PHP_5_2/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
Modified: php/php-src/branches/PHP_5_3/ext/sqlite/sqlite.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/sqlite/sqlite.c 2009-10-12 18:53:41 UTC
(rev 289586)
+++ php/php-src/branches/PHP_5_3/ext/sqlite/sqlite.c 2009-10-12 19:04:00 UTC
(rev 289587)
@@ -129,7 +129,7 @@
#define RES_FROM_OBJECT(res, object) RES_FROM_OBJECT_RESTORE_ERH(res, object,
NULL)
#define PHP_SQLITE_EMPTY_QUERY \
- if (!sql_len) { \
+ if (!sql_len || !*sql) { \
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute
empty query."); \
RETURN_FALSE; \
}
Added:
php/php-src/branches/PHP_5_3/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
===================================================================
---
php/php-src/branches/PHP_5_3/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
(rev 0)
+++
php/php-src/branches/PHP_5_3/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
2009-10-12 19:04:00 UTC (rev 289587)
@@ -0,0 +1,23 @@
+--TEST--
+Testing SQLiteDatabase::ArrayQuery with NULL-byte string
+--SKIPIF--
+<?php
+if (!extension_loaded("sqlite")) print "skip";
+?>
+--FILE--
+<?php
+
+$method = new ReflectionMethod('sqlitedatabase::arrayquery');
+
+$class = $method->getDeclaringClass()->newInstanceArgs(array(':memory:'));
+
+$p = "\0";
+
+$method->invokeArgs($class, array_fill(0, 2, $p));
+$method->invokeArgs($class, array_fill(0, 1, $p));
+
+?>
+--EXPECTF--
+Warning: SQLiteDatabase::arrayQuery() expects parameter 2 to be long, string
given in %s on line %d
+
+Warning: SQLiteDatabase::arrayQuery(): Cannot execute empty query. in %s on
line %d
Property changes on:
php/php-src/branches/PHP_5_3/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
Modified: php/php-src/trunk/ext/sqlite/sqlite.c
===================================================================
--- php/php-src/trunk/ext/sqlite/sqlite.c 2009-10-12 18:53:41 UTC (rev
289586)
+++ php/php-src/trunk/ext/sqlite/sqlite.c 2009-10-12 19:04:00 UTC (rev
289587)
@@ -175,7 +175,7 @@
#define RES_FROM_OBJECT(res, object) RES_FROM_OBJECT_RESTORE_ERH(res, object,
NULL)
#define PHP_SQLITE_EMPTY_QUERY \
- if (!sql_len) { \
+ if (!sql_len || !*sql) { \
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute
empty query"); \
RETURN_FALSE; \
}
Added: php/php-src/trunk/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
===================================================================
--- php/php-src/trunk/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
(rev 0)
+++ php/php-src/trunk/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
2009-10-12 19:04:00 UTC (rev 289587)
@@ -0,0 +1,23 @@
+--TEST--
+Testing SQLiteDatabase::ArrayQuery with NULL-byte string
+--SKIPIF--
+<?php
+if (!extension_loaded("sqlite")) print "skip";
+?>
+--FILE--
+<?php
+
+$method = new ReflectionMethod('sqlitedatabase::arrayquery');
+
+$class = $method->getDeclaringClass()->newInstanceArgs(array(':memory:'));
+
+$p = "\0";
+
+$method->invokeArgs($class, array_fill(0, 2, $p));
+$method->invokeArgs($class, array_fill(0, 1, $p));
+
+?>
+--EXPECTF--
+Warning: SQLiteDatabase::arrayQuery() expects parameter 2 to be long, string
given in %s on line %d
+
+Warning: SQLiteDatabase::arrayQuery(): Cannot execute empty query. in %s on
line %d
Property changes on:
php/php-src/trunk/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
___________________________________________________________________
Added: svn:keywords
+ Id Rev Revision
Added: svn:eol-style
+ native
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
