uw Mon, 14 Sep 2009 16:51:11 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=288336
Log: Backport of http://news.php.net/php.cvs/60381 to PHP 5_2 which fixes a potential crash with ext/mysqli and Prepared Statements if the MySQL Server sends faulty metadata, see also http://news.php.net/php.cvs/60389 . I don't know of a way to crash PHP using a recent MySQL. But metadata has been a troublemaker in the past. Just in case... Changed paths: U php/php-src/branches/PHP_5_2/ext/mysqli/mysqli_api.c U php/php-src/branches/PHP_5_2/ext/mysqli/php_mysqli.h Modified: php/php-src/branches/PHP_5_2/ext/mysqli/mysqli_api.c =================================================================== --- php/php-src/branches/PHP_5_2/ext/mysqli/mysqli_api.c 2009-09-14 16:14:48 UTC (rev 288335) +++ php/php-src/branches/PHP_5_2/ext/mysqli/mysqli_api.c 2009-09-14 16:51:11 UTC (rev 288336) @@ -364,7 +364,7 @@ bind[ofs].buffer = stmt->result.buf[ofs].val; bind[ofs].is_null = &stmt->result.is_null[ofs]; bind[ofs].buffer_length = stmt->result.buf[ofs].buflen; - bind[ofs].length = &stmt->result.buf[ofs].buflen; + bind[ofs].length = &stmt->result.buf[ofs].output_len; break; } default: @@ -735,7 +735,7 @@ #else { #endif - ZVAL_STRINGL(stmt->result.vars[i], stmt->result.buf[i].val, stmt->result.buf[i].buflen, 1); + ZVAL_STRINGL(stmt->result.vars[i], stmt->result.buf[i].val, stmt->result.buf[i].output_len, 1); } } break; Modified: php/php-src/branches/PHP_5_2/ext/mysqli/php_mysqli.h =================================================================== --- php/php-src/branches/PHP_5_2/ext/mysqli/php_mysqli.h 2009-09-14 16:14:48 UTC (rev 288335) +++ php/php-src/branches/PHP_5_2/ext/mysqli/php_mysqli.h 2009-09-14 16:51:11 UTC (rev 288336) @@ -52,8 +52,9 @@ }; typedef struct { + char *val; ulong buflen; - char *val; + ulong output_len; ulong type; } VAR_BUFFER;
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php