andrey Thu Sep 6 10:07:43 2007 UTC Modified files: (Branch: PHP_5_2) /php-src NEWS /php-src/ext/mysqli mysqli_api.c mysqli_nonapi.c /php-src/ext/mysqli/tests bug38710.phpt Log: Fixed leaks with multiple connects using one mysqli object. HEAD will be fixed during the next mysqlnd merge Fixed failing test for bug38710, 5.0 version is bad, 5.1 is ok. http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.931&r2=1.2027.2.547.2.932&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.931 php-src/NEWS:1.2027.2.547.2.932 --- php-src/NEWS:1.2027.2.547.2.931 Wed Sep 5 12:36:44 2007 +++ php-src/NEWS Thu Sep 6 10:07:42 2007 @@ -1,6 +1,7 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 20??, PHP 5.2.5 +- Fixed leaks with mulitple connects on one mysqli object. (Andrey) - Fixed endianness detection on MacOS when building universal binary. (Uwe Schindler, Christian Speich, Tony) - Fixed possible buffer overflows inside the fnmatch() and glob() functions http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/mysqli_api.c?r1=1.118.2.22.2.15&r2=1.118.2.22.2.16&diff_format=u Index: php-src/ext/mysqli/mysqli_api.c diff -u php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.15 php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.16 --- php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.15 Wed Sep 5 12:36:44 2007 +++ php-src/ext/mysqli/mysqli_api.c Thu Sep 6 10:07:42 2007 @@ -15,7 +15,7 @@ | Author: Georg Richter <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ - $Id: mysqli_api.c,v 1.118.2.22.2.15 2007/09/05 12:36:44 andrey Exp $ + $Id: mysqli_api.c,v 1.118.2.22.2.16 2007/09/06 10:07:42 andrey Exp $ */ #ifdef HAVE_CONFIG_H @@ -458,6 +458,7 @@ MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link", MYSQLI_STATUS_INITIALIZED); mysql_close(mysql->mysql); + mysql->mysql = NULL; php_clear_mysql(mysql); efree(mysql); MYSQLI_CLEAR_RESOURCE(&mysql_link); http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/mysqli_nonapi.c?r1=1.54.2.7.2.4&r2=1.54.2.7.2.5&diff_format=u Index: php-src/ext/mysqli/mysqli_nonapi.c diff -u php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.4 php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.5 --- php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.4 Mon Apr 23 09:27:07 2007 +++ php-src/ext/mysqli/mysqli_nonapi.c Thu Sep 6 10:07:42 2007 @@ -15,7 +15,7 @@ | Author: Georg Richter <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ - $Id: mysqli_nonapi.c,v 1.54.2.7.2.4 2007/04/23 09:27:07 tony2001 Exp $ + $Id: mysqli_nonapi.c,v 1.54.2.7.2.5 2007/09/06 10:07:42 andrey Exp $ */ #ifdef HAVE_CONFIG_H @@ -33,8 +33,8 @@ Open a connection to a mysql server */ PHP_FUNCTION(mysqli_connect) { - MY_MYSQL *mysql; - MYSQLI_RESOURCE *mysqli_resource; + MY_MYSQL *mysql = NULL; + MYSQLI_RESOURCE *mysqli_resource = NULL; zval *object = getThis(); char *hostname = NULL, *username=NULL, *passwd=NULL, *dbname=NULL, *socket=NULL; unsigned int hostname_len = 0, username_len = 0, passwd_len = 0, dbname_len = 0, socket_len = 0; @@ -67,7 +67,22 @@ } } - mysql = (MY_MYSQL *) ecalloc(1, sizeof(MY_MYSQL)); + if (object && instanceof_function(Z_OBJCE_P(object), mysqli_link_class_entry TSRMLS_CC)) { + mysqli_resource = ((mysqli_object *) zend_object_store_get_object(object TSRMLS_CC))->ptr; + if (mysqli_resource && mysqli_resource->ptr && + mysqli_resource->status >= MYSQLI_STATUS_INITIALIZED) + { + mysql = (MY_MYSQL*)mysqli_resource->ptr; + php_clear_mysql(mysql); + if (mysql->mysql) { + mysql_close(mysql->mysql); + mysql->mysql = NULL; + } + } + } + if (!mysql) { + mysql = (MY_MYSQL *) ecalloc(1, sizeof(MY_MYSQL)); + } if (!(mysql->mysql = mysql_init(NULL))) { efree(mysql); @@ -110,8 +125,10 @@ /* set our own local_infile handler */ php_set_local_infile_handler_default(mysql); - mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE)); - mysqli_resource->ptr = (void *)mysql; + if (!mysqli_resource) { + mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE)); + mysqli_resource->ptr = (void *)mysql; + } mysqli_resource->status = MYSQLI_STATUS_VALID; if (!object || !instanceof_function(Z_OBJCE_P(object), mysqli_link_class_entry TSRMLS_CC)) { http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/tests/bug38710.phpt?r1=1.1.2.3&r2=1.1.2.4&diff_format=u Index: php-src/ext/mysqli/tests/bug38710.phpt diff -u php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.3 php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.4 --- php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.3 Wed Sep 5 12:36:44 2007 +++ php-src/ext/mysqli/tests/bug38710.phpt Thu Sep 6 10:07:42 2007 @@ -1,7 +1,9 @@ --TEST-- Bug #38710 (data leakage because of nonexisting boundary checking in statements) --SKIPIF-- -<?php require_once('skipif.inc'); ?> +<?php +require_once('skipif.inc'); +?> --FILE-- <?php include "connect.inc"; @@ -12,8 +14,10 @@ $qry->execute(); $qry->bind_result($text); $qry->fetch(); -var_dump(strlen($text), md5($text)); +if ($text !== str_repeat('a', mysqli_get_server_version($db) > 50110? 100000:(mysqli_get_server_version($db)>=50000? 8193:8191))) { + var_dump(strlen($text)); +} +echo "Done"; ?> --EXPECTF-- -int(100000) -string(32) "1af6d6f2f682f76f80e606aeaaee1680" +Done
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php