tony2001 Mon Oct 10 08:59:47 2005 EDT Modified files: /php-src/ext/mysqli mysqli_api.c mysqli_nonapi.c mysqli_warning.c php_mysqli.h /php-src/ext/mysqli/tests bug34810.phpt Log: MF51: fix #34810 (mysqli::init() and others use wrong $this pointer without checks) http://cvs.php.net/diff.php/php-src/ext/mysqli/mysqli_api.c?r1=1.121&r2=1.122&ty=u Index: php-src/ext/mysqli/mysqli_api.c diff -u php-src/ext/mysqli/mysqli_api.c:1.121 php-src/ext/mysqli/mysqli_api.c:1.122 --- php-src/ext/mysqli/mysqli_api.c:1.121 Sun Oct 9 13:57:37 2005 +++ php-src/ext/mysqli/mysqli_api.c Mon Oct 10 08:59:47 2005 @@ -15,7 +15,7 @@ | Author: Georg Richter <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ - $Id: mysqli_api.c,v 1.121 2005/10/09 17:57:37 andrey Exp $ + $Id: mysqli_api.c,v 1.122 2005/10/10 12:59:47 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H @@ -1033,7 +1033,7 @@ mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE)); mysqli_resource->ptr = (void *)mysql; - if (!getThis()) { + if (!getThis() || !instanceof_function(Z_OBJCE_P(getThis()), mysqli_link_class_entry TSRMLS_CC)) { MYSQLI_RETURN_RESOURCE(mysqli_resource, mysqli_link_class_entry); } else { ((mysqli_object *) zend_object_store_get_object(getThis() TSRMLS_CC))->ptr = mysqli_resource; http://cvs.php.net/diff.php/php-src/ext/mysqli/mysqli_nonapi.c?r1=1.54&r2=1.55&ty=u Index: php-src/ext/mysqli/mysqli_nonapi.c diff -u php-src/ext/mysqli/mysqli_nonapi.c:1.54 php-src/ext/mysqli/mysqli_nonapi.c:1.55 --- php-src/ext/mysqli/mysqli_nonapi.c:1.54 Sat Aug 6 12:56:42 2005 +++ php-src/ext/mysqli/mysqli_nonapi.c Mon Oct 10 08:59:47 2005 @@ -15,7 +15,7 @@ | Author: Georg Richter <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ - $Id: mysqli_nonapi.c,v 1.54 2005/08/06 16:56:42 andrey Exp $ + $Id: mysqli_nonapi.c,v 1.55 2005/10/10 12:59:47 tony2001 Exp $ */ #ifdef HAVE_CONFIG_H @@ -112,7 +112,7 @@ mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE)); mysqli_resource->ptr = (void *)mysql; - if (!object) { + if (!object || !instanceof_function(Z_OBJCE_P(object), mysqli_link_class_entry TSRMLS_CC)) { MYSQLI_RETURN_RESOURCE(mysqli_resource, mysqli_link_class_entry); } else { ((mysqli_object *) zend_object_store_get_object(object TSRMLS_CC))->ptr = mysqli_resource; http://cvs.php.net/diff.php/php-src/ext/mysqli/mysqli_warning.c?r1=1.5&r2=1.6&ty=u Index: php-src/ext/mysqli/mysqli_warning.c diff -u php-src/ext/mysqli/mysqli_warning.c:1.5 php-src/ext/mysqli/mysqli_warning.c:1.6 --- php-src/ext/mysqli/mysqli_warning.c:1.5 Wed Aug 3 10:07:31 2005 +++ php-src/ext/mysqli/mysqli_warning.c Mon Oct 10 08:59:47 2005 @@ -201,8 +201,8 @@ mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE)); mysqli_resource->ptr = mysqli_resource->info = (void *)w; - if (!getThis()) { - MYSQLI_RETURN_RESOURCE(mysqli_resource, mysqli_link_class_entry); + if (!getThis() || !instanceof_function(Z_OBJCE_P(getThis()), mysqli_warning_class_entry TSRMLS_CC)) { + MYSQLI_RETURN_RESOURCE(mysqli_resource, mysqli_warning_class_entry); } else { ((mysqli_object *) zend_object_store_get_object(getThis() TSRMLS_CC))->ptr = mysqli_resource; ((mysqli_object *) zend_object_store_get_object(getThis() TSRMLS_CC))->valid = 1; http://cvs.php.net/diff.php/php-src/ext/mysqli/php_mysqli.h?r1=1.54&r2=1.55&ty=u Index: php-src/ext/mysqli/php_mysqli.h diff -u php-src/ext/mysqli/php_mysqli.h:1.54 php-src/ext/mysqli/php_mysqli.h:1.55 --- php-src/ext/mysqli/php_mysqli.h:1.54 Wed Aug 3 10:07:31 2005 +++ php-src/ext/mysqli/php_mysqli.h Mon Oct 10 08:59:47 2005 @@ -15,7 +15,7 @@ | Author: Georg Richter <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ - $Id: php_mysqli.h,v 1.54 2005/08/03 14:07:31 sniper Exp $ + $Id: php_mysqli.h,v 1.55 2005/10/10 12:59:47 tony2001 Exp $ */ /* A little hack to prevent build break, when mysql is used together with @@ -191,7 +191,7 @@ #define MYSQLI_REGISTER_RESOURCE(__ptr, __ce) \ {\ zval *object = getThis();\ - if (!object) {\ + if (!object || !instanceof_function(Z_OBJCE_P(object), mysqli_link_class_entry TSRMLS_CC)) {\ object = return_value;\ Z_TYPE_P(object) = IS_OBJECT;\ (object)->value.obj = mysqli_objects_new(__ce TSRMLS_CC);\ http://cvs.php.net/diff.php/php-src/ext/mysqli/tests/bug34810.phpt?r1=1.1&r2=1.2&ty=u Index: php-src/ext/mysqli/tests/bug34810.phpt diff -u /dev/null php-src/ext/mysqli/tests/bug34810.phpt:1.2 --- /dev/null Mon Oct 10 08:59:47 2005 +++ php-src/ext/mysqli/tests/bug34810.phpt Mon Oct 10 08:59:47 2005 @@ -0,0 +1,38 @@ +--TEST-- +bug #34810 (mysqli::init() and others use wrong $this pointer without checks) +--SKIPIF-- +<?php require_once('skipif.inc'); ?> +--FILE-- +<?php + +class DbConnection { + public function connect() { + include "connect.inc"; + + $link = mysqli::connect($host, $user, $passwd); + var_dump($link); + + $link = mysqli::init(); + var_dump($link); + + $mysql = new mysqli($host, $user, $passwd, "test"); + $mysql->query("DROP TABLE IF EXISTS test_warnings"); + $mysql->query("CREATE TABLE test_warnings (a int not null)"); + $mysql->query("INSERT INTO test_warnings VALUES (1),(2),(NULL)"); + var_dump(mysqli_warning::__construct($mysql)); + } +} + +$db = new DbConnection(); +$db->connect(); + +echo "Done\n"; +?> +--EXPECTF-- +object(mysqli)#%d (0) { +} +object(mysqli)#%d (0) { +} +object(mysqli_warning)#%d (0) { +} +Done
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php