php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74076 ibase_affected_rows with non resource as parameter causes Segmentation Fault
Submitted: 2017-02-10 12:43 UTC Modified: 2021-03-31 11:38 UTC
From: netvicious at gmail dot com Assigned:
Status: Suspended Package: InterBase related
PHP Version: 7.0.15 OS: Ubuntu 16.04.2 LTS
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: netvicious at gmail dot com
New email:
PHP Version: OS:

 

 [2017-02-10 12:43 UTC] netvicious at gmail dot com
Description:
------------
The ibase_affected_rows function has one optional parameter which it's a resource link to a Interbase/Firebird database.

If we pass a non-resource link to this function it generates a Segmentation Fault

Test script:
---------------
// Bad parameter in ibase_affected_rows

$conx = ibase_connect($bd_file, $bd_user, $bd_pass, 'NONE');
$sql = 'UPDATE some_table SET some_field = ? WHERE some_id = xx';
$prep = ibase_prepare( $sql );		
$query = ibase_execute( $prep, $field_value);
if (ibase_affected_rows($query) != 1) ) {
echo "ok"
} else {
echo "error";
}

// Correct way
$conx = ibase_connect($bd_file, $bd_user, $bd_pass, 'NONE');
$sql = 'UPDATE some_table SET some_field = ? WHERE some_id = xx';
$prep = ibase_prepare( $sql );		
$query = ibase_execute( $prep, $field_value);
if (ibase_affected_rows($conx) != 1) ) {
echo "ok"
} else {
echo "error";
}

Expected result:
----------------
PHP should check if the passed variable it's a resource link, and in case it's not, it should generate one error, instead of a segmentation fault which gives no information to the developer for fix the problem.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-03-23 18:06 UTC] lester at lsces dot co dot uk
Putting anything other than a resource link in as a parameter simply gives an error. Using the wrong resource link gives a crash, so using $prep rather than $conx causes a problem rather than the $query in the test script.
 [2021-03-31 11:38 UTC] cmb@php.net
-Status: Open +Status: Suspended
 [2021-03-31 11:38 UTC] cmb@php.net
The interbase extension is moved to PECL[1] as of PHP 7.4.0, and
is looking for a new maintainer.  Until a new maintainer is found,
I suspend this ticket.

Consider to use the bundled PDO_Firebird extension, or the
php-firebird package[2] instead.

[1] <https://pecl.php.net/package/interbase>
[2] <https://github.com/FirebirdSQL/php-firebird>
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Dec 27 03:01:28 2024 UTC