andrey          Fri Jul 25 12:45:27 2008 UTC

  Modified files:              
    /php-src/ext/mysqli mysqli_api.c 
    /php-src/ext/mysqli/tests   bug45019.phpt 
  Log:
  Fix bug#45019 Segmentation fault with SELECT ? and UNION
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/mysqli_api.c?r1=1.166&r2=1.167&diff_format=u
Index: php-src/ext/mysqli/mysqli_api.c
diff -u php-src/ext/mysqli/mysqli_api.c:1.166 
php-src/ext/mysqli/mysqli_api.c:1.167
--- php-src/ext/mysqli/mysqli_api.c:1.166       Thu Jul 17 09:52:51 2008
+++ php-src/ext/mysqli/mysqli_api.c     Fri Jul 25 12:45:27 2008
@@ -17,7 +17,7 @@
   |          Ulf Wendel <[EMAIL PROTECTED]>                                    
 |
   +----------------------------------------------------------------------+
 
-  $Id: mysqli_api.c,v 1.166 2008/07/17 09:52:51 dmitry Exp $ 
+  $Id: mysqli_api.c,v 1.167 2008/07/25 12:45:27 andrey Exp $ 
 */
 
 #ifdef HAVE_CONFIG_H
@@ -389,8 +389,13 @@
                                if (stmt->stmt->fields[ofs].max_length == 0 &&
                                        !mysql_stmt_attr_get(stmt->stmt, 
STMT_ATTR_UPDATE_MAX_LENGTH, &tmp) && !tmp)
                                {
-                                       stmt->result.buf[ofs].buflen =
-                                               (stmt->stmt->fields) ? 
(stmt->stmt->fields[ofs].length) ? stmt->stmt->fields[ofs].length + 1: 256: 256;
+                                       /*
+                                         Allocate directly 256 because it's 
easier to allocate a bit more
+                                         than update max length even for text 
columns. Try SELECT UNION SELECT UNION with
+                                         different lengths and you will see 
that we get different lengths in stmt->stmt->fields[ofs].length
+                                         The just take 256 and saves us from 
realloc-ing.
+                                       */
+                                       stmt->result.buf[ofs].buflen = 256;
                                } else {
                                        /*
                                                the user has called 
store_result(). if he does not there is no way to determine the
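Review bot: The new `stmt->result.buf[ofs].buflen = 256;` gives every column that takes this branch a fixed-size buffer, so any value longer than that depends on truncation handling in the fetch path, which is outside this hunk. Please confirm that the bind's `buffer_length` is set from `buflen` and that a truncated fetch is re-read or reported rather than silently cut or written past the allocation. The literal would be easier to audit as a named constant, e.g. `#define MYSQLI_DEFAULT_BIND_BUFLEN 256`, and the comment's last sentence reads better as `So just take 256, which saves us from realloc-ing.` The longest expected value in the regression test is 32 bytes, so a case above 256 bytes would pin the behaviour at the boundary. The enclosing function starts and ends outside the hunk.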
http://cvs.php.net/viewvc.cgi/php-src/ext/mysqli/tests/bug45019.phpt?r1=1.1&r2=1.2&diff_format=u
Index: php-src/ext/mysqli/tests/bug45019.phpt
diff -u php-src/ext/mysqli/tests/bug45019.phpt:1.1 
php-src/ext/mysqli/tests/bug45019.phpt:1.2
--- php-src/ext/mysqli/tests/bug45019.phpt:1.1  Thu Jul 24 14:17:27 2008
+++ php-src/ext/mysqli/tests/bug45019.phpt      Fri Jul 25 12:45:27 2008
@@ -57,7 +57,7 @@
                printf("[006] [%d] %s\n", $link->errno, $link->error);
 
        $column1 = null;
-       if (!$stmt->bind_result($column1) || !$stmt->execute())
+       if (!$stmt->execute() || !$stmt->bind_result($column1))
                printf("[007] [%d] %s\n", $stmt->errno, $stmt->error);
 
        $index = 0;
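Review bot: With `execute()` now ahead of `bind_result()` in the `[007]` check, the test no longer exercises binding before execution, which is the order the previous revision used and possibly the order in the original report. If that order is still meant to work, a second case that binds first would keep the original crash path covered. The shared `[007]` message also cannot tell which of the two calls failed; two separate checks with distinct tags would make a failure easier to read.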
@@ -153,6 +153,6 @@
 string(3) "two"
 Testing bind_param(), strings only, with CAST AS CHAR...
 string(3) "one"
-string(5) "three beers are more than enough"
+string(32) "three beers are more than enough"
 string(3) "two"
-done!
\ No newline at end of file
+done!


