PHP :: Bug #57673 :: sqlite_escape_string handles NULL improperly

Bug #57673	sqlite_escape_string handles NULL improperly
Submitted:	2007-05-15 16:25 UTC	Modified:	2008-10-25 14:19 UTC
From:	phpbugs at wheelhouse dot org	Assigned:	kalle (profile)
Status:	Closed	Package:	SQLite (PECL)
PHP Version:	4.4.5	OS:	Any
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	phpbugs at wheelhouse dot org
New email:
PHP Version:		OS:

New Comment:

[2007-05-15 16:25 UTC] phpbugs at wheelhouse dot org

Description:
------------
This is a bug which has been "fixed in CVS" for nearly three years but still exists in the current "stable" version.

It causes bogus results.

Please release a new "stable" version of the sqlite PECL extension that fixes this bug and 11050.



Reproduce code:
---------------
diff -u sqlite.c- sqlite.c
--- sqlite.c-   Tue May 15 12:53:24 2007
+++ sqlite.c    Tue May 15 13:13:50 2007
@@ -1795,12 +1795,14 @@
                enclen = sqlite_encode_binary((const unsigned char*)string, stringlen, ret+1);
                RETVAL_STRINGL(ret, enclen+1, 0);
 
-       } else  {
+       } else if (stringlen)  {
                ret = sqlite_mprintf("%q", string);
                if (ret) {
                        RETVAL_STRING(ret, 1);
                        sqlite_freemem(ret);
                }
+       } else {
+               RETURN_EMPTY_STRING();
        }
 }
 /* }}} */


Expected result:
----------------
See http://bugs.php.net/bug.php?id=36867

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-10-24 18:05 UTC] kalle@php.net

This was also fixed in a PHP release, hence why no pecl release.

[2008-10-24 19:27 UTC] phpbugs at wheelhouse dot org

This bug is in reference to PHP 4, with which SQLite is not included.  Hence the need to fix it in PECL.

But at this very late date, PHP 4 support doesn't seem like a priority, so maybe this package should be pulled from PECL altogether.

[2008-10-25 08:20 UTC] kalle@php.net

This is ofcourse a bad mistake from the maintainers, but since at the time SQLite was moved into PHP5's source then it was mainly maintained there.

And I would expect a PHP4 release, its unsupported and no bugs are fixed for it anymore.

[2008-10-25 14:19 UTC] phpbugs at wheelhouse dot org

I assume you mean you would NOT expect a new release of this module since it is only used by PHP 4.

This many years late, I don't think I expected a new release either, so I guess that's that.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC