php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #53323 pdo_firebird getAttribute() crash
Submitted: 2010-11-16 17:44 UTC Modified: 2010-11-16 22:04 UTC
From: preeves at ibphoenix dot com Assigned: felipe (profile)
Status: Closed Package: PDO related
PHP Version: 5.3.3 OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: preeves at ibphoenix dot com
New email:
PHP Version: OS:

 

 [2010-11-16 17:44 UTC] preeves at ibphoenix dot com 
Description:
------------
There is a bug and a few omissions in firebird_handle_get_attribute.

Most significantly it declares tmp[200] which is used to store the server 
version. Unfortunately, a typical server version string is now over 300 bytes 
long. So this call just blows the driver out of the water, leaves this error 
in the apache log:

*** stack smashing detected ***: /usr/sbin/httpd2-prefork terminated                                                                                        
[Tue Nov 16 13:42:53 2010] [notice] child pid 11656 exit signal Segmentation
fault (11)

and the user is left staring at a server timeout error in the browser. This is 
easily fixed by declaring tmp[]  to be larger.

Less seriously, these attributes are not handled:

  PDO_ATTR_PREFETCH,
  PDO_ATTR_TIMEOUT,
  PDO_ATTR_FETCH_TABLE_NAMES

so if they are called outside a try..catch then the call will fail badly. It 
is not obvious that a try..catch should be required so it is probably better 
to just handle these cases in the driver.

I've attached a patch which fixes all of these issues.

Patches

php-5.3.3-pdo_firebird_driver_attributes.patch (last revision 2010-11-16 16:45 UTC by preeves at ibphoenix dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-16 22:02 UTC] felipe@php.net 
Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&revision=305416
Log: - Fixed bug #53323 (pdo_firebird getAttribute() crash)
  patch by: preeves at ibphoenix dot com
 [2010-11-16 22:04 UTC] felipe@php.net
-Summary: Some calls to pdo_firebird getAttribute crash +Summary: pdo_firebird getAttribute() crash -Status: Open +Status: Closed -Assigned To: +Assigned To: felipe
 [2010-11-16 22:04 UTC] felipe@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Thanks for the patch!

I've modified a bit the patch, I removed the lines adding PDO_ATTR_PREFETCH, PDO_ATTR_TIMEOUT, as this is not a pdo_firebird problem, but the pdo drivers works in this way.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Jan 29 23:01:30 2025 UTC