
php53-5.3.3-24.el5.src.rpm

From 22b42afaee7fc18019696faaa0bf6146f5fbea65 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Johannes=20Schl=C3=BCter?= <johannes@php.net>
Date: Fri, 14 Jan 2011 14:57:57 +0000
Subject: [PATCH] - Fix #53551 (PDOStatement execute segfaults for pdo_mysql
 driver)

---
 NEWS                              |    4 ++
 ext/pdo_mysql/mysql_statement.c   |    3 +-
 ext/pdo_mysql/tests/bug53551.phpt |   73 +++++++++++++++++++++++++++++++++++++
 3 files changed, 78 insertions(+), 2 deletions(-)
 create mode 100644 ext/pdo_mysql/tests/bug53551.phpt

diff --git a/ext/pdo_mysql/mysql_statement.c b/ext/pdo_mysql/mysql_statement.c
index a431598..79694b3 100755
--- a/ext/pdo_mysql/mysql_statement.c
+++ b/ext/pdo_mysql/mysql_statement.c
@@ -142,8 +142,7 @@ static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt TSRMLS_DC)
 	/* (re)bind the parameters */
 	if (mysql_stmt_bind_param(S->stmt, S->params) || mysql_stmt_execute(S->stmt)) {
 		if (S->params) {
-			efree(S->params);
-			S->params = 0;
+			memset(S->params, 0, S->num_params * sizeof(MYSQL_BIND));
 		}
 		pdo_mysql_error_stmt(stmt);
 		if (mysql_stmt_errno(S->stmt) == 2057) {
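Review bot: The `memset` line that replaces the `efree` has no comment saying why the bind array is now kept allocated, and the fix depends on that invariant. Judging by the bug title, the freed and NULLed `S->params` was presumably touched again on a second `execute()`. A comment such as `/* keep S->params allocated: it is reused on the next execute, so only reset the binds */` would stop a later cleanup from reintroducing the free. The size `S->num_params * sizeof(MYSQL_BIND)` has to match how `S->params` was allocated, which is outside this hunk; writing it as `sizeof(*S->params)` would tie it to the element type. The function body starts and ends outside the hunk.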
diff --git a/ext/pdo_mysql/tests/bug53551.phpt b/ext/pdo_mysql/tests/bug53551.phpt
new file mode 100644
index 0000000..865dcea
--- /dev/null
+++ b/ext/pdo_mysql/tests/bug53551.phpt
@@ -0,0 +1,73 @@
+--TEST--
+Bug #44327 (PDORow::queryString property & numeric offsets / Crash)
+--SKIPIF--
+<?php
+require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'skipif.inc');
+require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
+MySQLPDOTest::skip();
+$db = MySQLPDOTest::factory();
+?>
+--FILE--
+<?php
+include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc';
+$db = MySQLPDOTest::factory();
+
+$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 0);
+
+$createSql = "CREATE TABLE `bug53551` (
+  `count` bigint(20) unsigned NOT NULL DEFAULT '0'
+)";
+
+$db->exec('drop table if exists bug53551');
+$db->exec($createSql);
+$db->exec("insert into bug53551 set `count` = 1 ");
+$db->exec("SET sql_mode = 'Traditional'");
+$sql = 'UPDATE bug53551 SET `count` = :count';
+$stmt = $db->prepare($sql);
+
+$values = array (
+    'count' => NULL,
+);
+
+echo "1\n";
+$stmt->execute($values);
+var_dump($stmt->errorInfo());
+
+echo "2\n";
+$stmt->execute($values);
+var_dump($stmt->errorInfo());
+
+echo "\ndone\n";
+
+?>
+--CLEAN--
+<?php
+include __DIR__ . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc';
+$db = MySQLPDOTest::factory();
+$db->exec('DROP TABLE IF EXISTS bug53551');
+?>
+--EXPECTF--
+1
+
+Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d
+array(3) {
+  [0]=>
+  string(5) "23000"
+  [1]=>
+  int(1048)
+  [2]=>
+  string(29) "Column 'count' cannot be null"
+}
+2
+
+Warning: PDOStatement::execute(): SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'count' cannot be null in %s on line %d
+array(3) {
+  [0]=>
+  string(5) "23000"
+  [1]=>
+  int(1048)
+  [2]=>
+  string(29) "Column 'count' cannot be null"
+}
+
+done
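Review bot: The `--TEST--` title reads `Bug #44327 (PDORow::queryString property & numeric offsets / Crash)`, which looks copied from another test. The file is bug53551.phpt and the commit fixes #53551, so the title should be `Bug #53551 (PDOStatement execute segfaults for pdo_mysql driver)`; otherwise a failure in the test run is reported under the wrong bug. The `--SKIPIF--` section also builds its paths with `dirname(__FILE__)` while `--FILE--` and `--CLEAN--` use `__DIR__`, so picking one form would keep the sections consistent.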
-- 
1.7.8