andrey Tue, 27 Apr 2010 08:45:23 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=298646
Log: Test case for the buffer overflow in mysqlnd_change_user Changed paths: U php/php-src/branches/PHP_5_3/ext/mysqli/tests/mysqli_change_user.phpt U php/php-src/trunk/ext/mysqli/tests/mysqli_change_user.phpt Modified: php/php-src/branches/PHP_5_3/ext/mysqli/tests/mysqli_change_user.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/mysqli/tests/mysqli_change_user.phpt 2010-04-27 08:45:02 UTC (rev 298645) +++ php/php-src/branches/PHP_5_3/ext/mysqli/tests/mysqli_change_user.phpt 2010-04-27 08:45:23 UTC (rev 298646) @@ -73,8 +73,18 @@ mysqli_close($link); + if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) { + printf("[020] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", + $host, $user, $db, $port, $socket); + } + + if (false !== ($tmp = mysqli_change_user($link, str_repeat('user', 16384), str_repeat('pass', 16384), str_repeat('dbase', 16384)))) + printf("[021] Expecting false, got %s/%s\n", gettype($tmp), $tmp); + + mysqli_close($link); + if (NULL !== ($tmp = @mysqli_change_user($link, $user, $passwd, $db))) - printf("[020] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); + printf("[022] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); print "done!"; ?> Modified: php/php-src/trunk/ext/mysqli/tests/mysqli_change_user.phpt =================================================================== --- php/php-src/trunk/ext/mysqli/tests/mysqli_change_user.phpt 2010-04-27 08:45:02 UTC (rev 298645) +++ php/php-src/trunk/ext/mysqli/tests/mysqli_change_user.phpt 2010-04-27 08:45:23 UTC (rev 298646) @@ -73,8 +73,18 @@ mysqli_close($link); + if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) { + printf("[020] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", + $host, $user, $db, $port, $socket); + } + + if (false !== ($tmp = mysqli_change_user($link, str_repeat('user', 16384), str_repeat('pass', 16384), str_repeat('dbase', 16384)))) + printf("[021] Expecting false, got %s/%s\n", gettype($tmp), $tmp); + + mysqli_close($link); + if (NULL !== ($tmp = @mysqli_change_user($link, $user, $passwd, $db))) - printf("[020] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); + printf("[022] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp); print "done!"; ?>
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php