php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #58522 Segfault when preparing a value in a like clause
Submitted: 2009-01-27 12:34 UTC Modified: 2009-03-06 03:51 UTC
From: tom at advancedatatools dot com Assigned:
Status: Open Package: PDO_INFORMIX (PECL)
PHP Version: 5.2.5 OS: Linux (Opensuse)
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tom at advancedatatools dot com
New email:
PHP Version: OS:

 

 [2009-01-27 12:34 UTC] tom at advancedatatools dot com 
Description:
------------
When using a prepared statement with a like clause with '%?%' the pdo driver segfaults. This should either work or throw an error.

Using it in the syntax of "fname like ?" and having the variable be "%Lud%" works as intended. This is minor but it should not be crashing.

Reproduce code:
---------------
<?

putenv("INFORMIXDIR=/opt/informix");
putenv("INFORMIXSERVER=llama");
$dbh = new PDO("informix:host=server; service=1516; database=stores_demo; server=server; protocol=onsoctcp;EnableScrollableCursors=1", "informix", "password");
$sqlline = "select fname from customer where fname like '%?%'";
$val = "Lud";
$sth = $dbh->prepare($sqlline);
$sth->execute(array($val));
$row = $sth->fetch();
print_r($row);


Expected result:
----------------
Array
(
    [FNAME] => Ludwig
    [0] => Ludwig
)


Actual result:
--------------
llama:/www/fht # php test.php
Segmentation fault

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-01-28 03:47 UTC] abhargav at in dot ibm dot com 
Hi,

Thanks for reporting this. I am able to reproduce this problem. 

Regards,
Ambrish Bhargava
 [2009-03-06 03:51 UTC] abhargav at in dot ibm dot com 
Hi,

The sample that you have provided is throwing SegV (I am working on this). But ideally the correct usage is as follows:

Right now you are doing:
>>>
$sqlline = "select fname from customer where fname like '%?%'";
$val = "Lud";
<<<

The modified way to do the same is as:
>>>
$sqlline = "select fname from customer where fname like ?";
$val = "%Lud%";
<<<

Please try above method and you will get expected results. At the same time I am also working on this SegV.

Regards,
Ambrish Bhargava
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 22:01:28 2024 UTC