johannes Fri, 14 Jan 2011 14:57:57 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=307478
Log: - Fix #53551 (PDOStatement execute segfaults for pdo_mysql driver) Bug: http://bugs.php.net/53551 (Assigned) PDOStatement execute segfaults for pdo_mysql driver Changed paths: U php/php-src/branches/PHP_5_3/NEWS U php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_statement.c A php/php-src/branches/PHP_5_3/ext/pdo_mysql/tests/bug53551.phpt U php/php-src/trunk/ext/pdo_mysql/mysql_statement.c A php/php-src/trunk/ext/pdo_mysql/tests/bug53551.phpt Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2011-01-14 14:54:18 UTC (rev 307477) +++ php/php-src/branches/PHP_5_3/NEWS 2011-01-14 14:57:57 UTC (rev 307478) @@ -63,6 +63,10 @@ . Fixed stream_socket_enable_crypto() not honoring the socket timeout in server mode. (Gustavo) +- PDO MySQL driver: + . Fixed bug #53551 (PDOStatement execute segfaults for pdo_mysql driver). + (Johannes) + - PDO Oracle driver: . Fixed bug #39199 (Cannot load Lob data with more than 4000 bytes on ORACLE 10). (spatar at mail dot nnov dot ru) Modified: php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_statement.c =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_statement.c 2011-01-14 14:54:18 UTC (rev 307477) +++ php/php-src/branches/PHP_5_3/ext/pdo_mysql/mysql_statement.c 2011-01-14 14:57:57 UTC (rev 307478) @@ -142,8 +142,7 @@ /* (re)bind the parameters */ if (mysql_stmt_bind_param(S->stmt, S->params) || mysql_stmt_execute(S->stmt)) { if (S->params) { - efree(S->params); - S->params = 0; + memset(S->params, 0, S->num_params * sizeof(MYSQL_BIND)); } pdo_mysql_error_stmt(stmt); if (mysql_stmt_errno(S->stmt) == 2057) { Added: php/php-src/branches/PHP_5_3/ext/pdo_mysql/tests/bug53551.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/pdo_mysql/tests/bug53551.phpt (rev 0) +++ php/php-src/branches/PHP_5_3/ext/pdo_mysql/tests/bug53551.phpt 2011-01-14 14:57:57 UTC (rev 307478) @@ -0,0 +1,73 @@ +--TEST-- +Bug #44327 (PDORow::queryString property & numeric offsets / Crash) +--SKIPIF-- +<?php +require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'skipif.inc'); +require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'); +MySQLPDOTest::skip(); +$db = MySQLPDOTest::factory(); +?> +--FILE-- +<?php +include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'; +$db = MySQLPDOTest::factory(); + +$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 0); + +$createSql = "CREATE TABLE `bug53551` ( + `count` bigint(20) unsigned NOT NULL DEFAULT '0' +)"; + +$db->exec('drop table if exists bug53551'); +$db->exec($createSql); +$db->exec("insert into bug53551 set `count` = 1 "); +$db->exec("SET sql_mode = 'Traditional'"); +$sql = 'UPDATE bug53551 SET `count` = :count'; +$stmt = $db->prepare($sql); + +$values = array ( + 'count' => NULL, +); + +echo "1\n"; +$stmt->execute($values); +var_dump($stmt->errorInfo()); + +echo "2\n"; +$stmt->execute($values); +var_dump($stmt->errorInfo()); + +echo "\ndone\n"; + +?> +--CLEAN-- +<?php +include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'; +$db = MySQLPDOTest::factory(); +$db->exec('DROP TABLE IF EXISTS bug53551'); +?> +--EXPECTF-- +1 + +Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d +array(3) { + [0]=> + string(5) "23000" + [1]=> + int(1048) + [2]=> + string(29) "Column 'count' cannot be null" +} +2 + +Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d +array(3) { + [0]=> + string(5) "23000" + [1]=> + int(1048) + [2]=> + string(29) "Column 'count' cannot be null" +} + +done Property changes on: php/php-src/branches/PHP_5_3/ext/pdo_mysql/tests/bug53551.phpt ___________________________________________________________________ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native Modified: php/php-src/trunk/ext/pdo_mysql/mysql_statement.c =================================================================== --- php/php-src/trunk/ext/pdo_mysql/mysql_statement.c 2011-01-14 14:54:18 UTC (rev 307477) +++ php/php-src/trunk/ext/pdo_mysql/mysql_statement.c 2011-01-14 14:57:57 UTC (rev 307478) @@ -136,8 +136,7 @@ /* (re)bind the parameters */ if (mysql_stmt_bind_param(S->stmt, S->params) || mysql_stmt_execute(S->stmt)) { if (S->params) { - efree(S->params); - S->params = 0; + memset(S->params, 0, S->num_params * sizeof(MYSQL_BIND)); } pdo_mysql_error_stmt(stmt); if (mysql_stmt_errno(S->stmt) == 2057) { Added: php/php-src/trunk/ext/pdo_mysql/tests/bug53551.phpt =================================================================== --- php/php-src/trunk/ext/pdo_mysql/tests/bug53551.phpt (rev 0) +++ php/php-src/trunk/ext/pdo_mysql/tests/bug53551.phpt 2011-01-14 14:57:57 UTC (rev 307478) @@ -0,0 +1,73 @@ +--TEST-- +Bug #44327 (PDORow::queryString property & numeric offsets / Crash) +--SKIPIF-- +<?php +require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'skipif.inc'); +require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'); +MySQLPDOTest::skip(); +$db = MySQLPDOTest::factory(); +?> +--FILE-- +<?php +include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'; +$db = MySQLPDOTest::factory(); + +$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 0); + +$createSql = "CREATE TABLE `bug53551` ( + `count` bigint(20) unsigned NOT NULL DEFAULT '0' +)"; + +$db->exec('drop table if exists bug53551'); +$db->exec($createSql); +$db->exec("insert into bug53551 set `count` = 1 "); +$db->exec("SET sql_mode = 'Traditional'"); +$sql = 'UPDATE bug53551 SET `count` = :count'; +$stmt = $db->prepare($sql); + +$values = array ( + 'count' => NULL, +); + +echo "1\n"; +$stmt->execute($values); +var_dump($stmt->errorInfo()); + +echo "2\n"; +$stmt->execute($values); +var_dump($stmt->errorInfo()); + +echo "\ndone\n"; + +?> +--CLEAN-- +<?php +include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc'; +$db = MySQLPDOTest::factory(); +$db->exec('DROP TABLE IF EXISTS bug53551'); +?> +--EXPECTF-- +1 + +Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d +array(3) { + [0]=> + string(5) "23000" + [1]=> + int(1048) + [2]=> + string(29) "Column 'count' cannot be null" +} +2 + +Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d +array(3) { + [0]=> + string(5) "23000" + [1]=> + int(1048) + [2]=> + string(29) "Column 'count' cannot be null" +} + +done Property changes on: php/php-src/trunk/ext/pdo_mysql/tests/bug53551.phpt ___________________________________________________________________ Added: svn:keywords + Id Rev Revision Added: svn:eol-style + native
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php