andrey Thu Sep 6 10:07:43 2007 UTC
Modified files: (Branch: PHP_5_2)
/php-src NEWS
/php-src/ext/mysqli mysqli_api.c mysqli_nonapi.c
/php-src/ext/mysqli/tests bug38710.phpt
Log:
Fixed leaks with multiple connects using one mysqli object.
HEAD will be fixed during the next mysqlnd merge
Fixed failing test for bug38710, 5.0 version is bad, 5.1 is ok.
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.931&r2=1.2027.2.547.2.932&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.931 php-src/NEWS:1.2027.2.547.2.932
--- php-src/NEWS:1.2027.2.547.2.931 Wed Sep 5 12:36:44 2007
+++ php-src/NEWS Thu Sep 6 10:07:42 2007
@@ -1,6 +1,7 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 20??, PHP 5.2.5
+- Fixed leaks with mulitple connects on one mysqli object. (Andrey)
- Fixed endianness detection on MacOS when building universal binary.
(Uwe Schindler, Christian Speich, Tony)
- Fixed possible buffer overflows inside the fnmatch() and glob() functions
http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/mysqli_api.c?r1=1.118.2.22.2.15&r2=1.118.2.22.2.16&diff_format=u
Index: php-src/ext/mysqli/mysqli_api.c
diff -u php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.15
php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.16
--- php-src/ext/mysqli/mysqli_api.c:1.118.2.22.2.15 Wed Sep 5 12:36:44 2007
+++ php-src/ext/mysqli/mysqli_api.c Thu Sep 6 10:07:42 2007
@@ -15,7 +15,7 @@
| Author: Georg Richter <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
- $Id: mysqli_api.c,v 1.118.2.22.2.15 2007/09/05 12:36:44 andrey Exp $
+ $Id: mysqli_api.c,v 1.118.2.22.2.16 2007/09/06 10:07:42 andrey Exp $
*/
#ifdef HAVE_CONFIG_H
@@ -458,6 +458,7 @@
MYSQLI_FETCH_RESOURCE(mysql, MY_MYSQL *, &mysql_link, "mysqli_link",
MYSQLI_STATUS_INITIALIZED);
mysql_close(mysql->mysql);
+ mysql->mysql = NULL;
php_clear_mysql(mysql);
efree(mysql);
MYSQLI_CLEAR_RESOURCE(&mysql_link);
http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/mysqli_nonapi.c?r1=1.54.2.7.2.4&r2=1.54.2.7.2.5&diff_format=u
Index: php-src/ext/mysqli/mysqli_nonapi.c
diff -u php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.4
php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.5
--- php-src/ext/mysqli/mysqli_nonapi.c:1.54.2.7.2.4 Mon Apr 23 09:27:07 2007
+++ php-src/ext/mysqli/mysqli_nonapi.c Thu Sep 6 10:07:42 2007
@@ -15,7 +15,7 @@
| Author: Georg Richter <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
- $Id: mysqli_nonapi.c,v 1.54.2.7.2.4 2007/04/23 09:27:07 tony2001 Exp $
+ $Id: mysqli_nonapi.c,v 1.54.2.7.2.5 2007/09/06 10:07:42 andrey Exp $
*/
#ifdef HAVE_CONFIG_H
@@ -33,8 +33,8 @@
Open a connection to a mysql server */
PHP_FUNCTION(mysqli_connect)
{
- MY_MYSQL *mysql;
- MYSQLI_RESOURCE *mysqli_resource;
+ MY_MYSQL *mysql = NULL;
+ MYSQLI_RESOURCE *mysqli_resource = NULL;
zval *object = getThis();
char *hostname = NULL, *username=NULL,
*passwd=NULL, *dbname=NULL, *socket=NULL;
unsigned int hostname_len = 0, username_len = 0, passwd_len
= 0, dbname_len = 0, socket_len = 0;
@@ -67,7 +67,22 @@
}
}
- mysql = (MY_MYSQL *) ecalloc(1, sizeof(MY_MYSQL));
+ if (object && instanceof_function(Z_OBJCE_P(object),
mysqli_link_class_entry TSRMLS_CC)) {
+ mysqli_resource = ((mysqli_object *)
zend_object_store_get_object(object TSRMLS_CC))->ptr;
+ if (mysqli_resource && mysqli_resource->ptr &&
+ mysqli_resource->status >= MYSQLI_STATUS_INITIALIZED)
+ {
+ mysql = (MY_MYSQL*)mysqli_resource->ptr;
+ php_clear_mysql(mysql);
+ if (mysql->mysql) {
+ mysql_close(mysql->mysql);
+ mysql->mysql = NULL;
+ }
+ }
+ }
+ if (!mysql) {
+ mysql = (MY_MYSQL *) ecalloc(1, sizeof(MY_MYSQL));
+ }
if (!(mysql->mysql = mysql_init(NULL))) {
efree(mysql);
@@ -110,8 +125,10 @@
/* set our own local_infile handler */
php_set_local_infile_handler_default(mysql);
- mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1,
sizeof(MYSQLI_RESOURCE));
- mysqli_resource->ptr = (void *)mysql;
+ if (!mysqli_resource) {
+ mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1,
sizeof(MYSQLI_RESOURCE));
+ mysqli_resource->ptr = (void *)mysql;
+ }
mysqli_resource->status = MYSQLI_STATUS_VALID;
if (!object || !instanceof_function(Z_OBJCE_P(object),
mysqli_link_class_entry TSRMLS_CC)) {
http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/tests/bug38710.phpt?r1=1.1.2.3&r2=1.1.2.4&diff_format=u
Index: php-src/ext/mysqli/tests/bug38710.phpt
diff -u php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.3
php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.4
--- php-src/ext/mysqli/tests/bug38710.phpt:1.1.2.3 Wed Sep 5 12:36:44 2007
+++ php-src/ext/mysqli/tests/bug38710.phpt Thu Sep 6 10:07:42 2007
@@ -1,7 +1,9 @@
--TEST--
Bug #38710 (data leakage because of nonexisting boundary checking in
statements)
--SKIPIF--
-<?php require_once('skipif.inc'); ?>
+<?php
+require_once('skipif.inc');
+?>
--FILE--
<?php
include "connect.inc";
@@ -12,8 +14,10 @@
$qry->execute();
$qry->bind_result($text);
$qry->fetch();
-var_dump(strlen($text), md5($text));
+if ($text !== str_repeat('a', mysqli_get_server_version($db) > 50110?
100000:(mysqli_get_server_version($db)>=50000? 8193:8191))) {
+ var_dump(strlen($text));
+}
+echo "Done";
?>
--EXPECTF--
-int(100000)
-string(32) "1af6d6f2f682f76f80e606aeaaee1680"
+Done
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
