php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #60948 mysqlnd FTBFS when -Wformat-security is enabled
Submitted: 2012-02-01 13:10 UTC Modified: 2012-03-05 23:57 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: ondrej@php.net Assigned: mysql (profile)
Status: Closed Package: MySQL related
PHP Version: 5.4.0RC6 OS: Any
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: ondrej@php.net
New email:
PHP Version: OS:

 

 [2012-02-01 13:10 UTC] ondrej@php.net 
Description:
------------
$ svn diff
Index: ext/mysqlnd/mysqlnd_wireprotocol.c
===================================================================
--- ext/mysqlnd/mysqlnd_wireprotocol.c	(revision 322993)
+++ ext/mysqlnd/mysqlnd_wireprotocol.c	(working copy)
@@ -500,7 +500,7 @@
 			const char * const msg = "Authentication data too long. 
"
 				"Won't fit into the buffer and will be 
truncated. Authentication will thus fail";
 			SET_CLIENT_ERROR(*conn->error_info, CR_UNKNOWN_ERROR, 
UNKNOWN_SQLSTATE, msg);
-			php_error_docref(NULL TSRMLS_CC, E_WARNING, msg);
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", msg);
 			DBG_RETURN(0);
 		}

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-02-01 13:34 UTC] johannes@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: mysql
 [2012-02-01 13:34 UTC] johannes@php.net 
Patch looks good, checking with RM before committing.
 [2012-02-01 13:37 UTC] johannes@php.net 
As a remark: The patch is not strictly needed - the msg is a const char* without any risk of injecting anything ... therefore not critical.
 [2012-03-05 23:55 UTC] johannes@php.net 
Automatic comment from SVN on behalf of johannes
Revision: http://svn.php.net/viewvc/?view=revision&revision=323929
Log: Fix bug #60948 mysqlnd FTBFS when -Wformat-security is enabled

# 5.3 not affected
 [2012-03-05 23:57 UTC] johannes@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2012-03-05 23:57 UTC] johannes@php.net
-Status: Assigned +Status: Closed
 [2012-04-18 09:45 UTC] laruence@php.net 
Automatic comment on behalf of johannes
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4c4a33e7067c9909dbf54193db4e0fecc493b366
Log: Fix bug #60948 mysqlnd FTBFS when -Wformat-security is enabled
 [2012-07-24 23:36 UTC] rasmus@php.net 
Automatic comment on behalf of johannes
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4c4a33e7067c9909dbf54193db4e0fecc493b366
Log: Fix bug #60948 mysqlnd FTBFS when -Wformat-security is enabled
 [2013-11-17 09:33 UTC] laruence@php.net 
Automatic comment on behalf of johannes
Revision: http://git.php.net/?p=php-src.git;a=commit;h=4c4a33e7067c9909dbf54193db4e0fecc493b366
Log: Fix bug #60948 mysqlnd FTBFS when -Wformat-security is enabled
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 12:01:29 2024 UTC