PHP :: Bug #57204 :: sqlite_escape_string tries to consume infinite memory

Bug #57204	sqlite_escape_string tries to consume infinite memory
Submitted:	2006-08-29 17:29 UTC	Modified:	2006-10-11 20:17 UTC
From:	jose at psabs dot com dot br	Assigned:
Status:	Closed	Package:	SQLite (PECL)
PHP Version:	4.4.1	OS:	Linux amd64
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	jose at psabs dot com dot br
New email:
PHP Version:		OS:

New Comment:

[2006-08-29 17:29 UTC] jose at psabs dot com dot br

Description:
------------
On amd64 the sqlite_escape_string function is faulty and causes PHP to
kill the script due to PHP's internal memory limit being reached.

There was a patch to solve this bug,  look at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361605
for more information.


An example script that reproduces this problem is:

<?php
echo sqlite_escape_string("a");
?>

Running this script will result in an error message such as:

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate -1969234011 bytes) in /var/www/test.php on line 2

The string passed to sqlite_escape_string and the value of the PHP
memory limit do not effect the behaviour of the bug. The number of bytes
attempted to allocate seems completely bogus.

php5-sqlite (linked against the same libsqlite0) is not affected and
neither is php4-sqlite on i386.

This bug is currently breaking the PHPwiki package on amd64 systems.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-10-11 20:17 UTC] ilia at prohost dot org

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue May 13 13:01:27 2025 UTC