php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #71943 dblib_handle_quoter needs to allocate an extra byte
Submitted: 2016-04-01 15:22 UTC Modified: -
From: adam dot baratz at gmail dot com Assigned:
Status: Closed Package: PDO DBlib
PHP Version: 7.0.5 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: adam dot baratz at gmail dot com
New email:
PHP Version: OS:

 

 [2016-04-01 15:22 UTC] adam dot baratz at gmail dot com 
Description:
------------
The provided test produces the correct results, but a leak is detected when run with valgrind:

==25754== Invalid write of size 1
==25754==    at 0xF16C0F8: dblib_handle_quoter (dblib_driver.c:198)
==25754==    by 0x792AD4: zim_PDO_quote (pdo_dbh.c:1149)
==25754==    by 0xA8EF54: ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:1222)
==25754==    by 0xA8D20F: execute_ex (zend_vm_execute.h:424)
==25754==    by 0xA8D324: zend_execute (zend_vm_execute.h:468)
==25754==    by 0xA30E11: zend_execute_scripts (zend.c:1427)
==25754==    by 0x9A26A5: php_execute_script (main.c:2494)
==25754==    by 0xB0AE82: do_cli (php_cli.c:982)
==25754==    by 0xB0BE30: main (php_cli.c:1352)
==25754==  Address 0xf73a7b3 is 0 bytes after a block of size 3 alloc'd
==25754==    at 0x4C28C20: malloc (vg_replace_malloc.c:296)
==25754==    by 0x9FC76B: _emalloc (zend_alloc.c:2446)
==25754==    by 0xF16C056: dblib_handle_quoter (dblib_driver.c:184)
==25754==    by 0x792AD4: zim_PDO_quote (pdo_dbh.c:1149)
==25754==    by 0xA8EF54: ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER (zend_vm_execute.h:1222)
==25754==    by 0xA8D20F: execute_ex (zend_vm_execute.h:424)
==25754==    by 0xA8D324: zend_execute (zend_vm_execute.h:468)
==25754==    by 0xA30E11: zend_execute_scripts (zend.c:1427)
==25754==    by 0x9A26A5: php_execute_script (main.c:2494)
==25754==    by 0xB0AE82: do_cli (php_cli.c:982)
==25754==    by 0xB0BE30: main (php_cli.c:1352)
==25754== 


Test script:
---------------
--TEST--
PDO_DBLIB: Ensure quote function returns expected results
--SKIPIF--
<?php
if (!extension_loaded('pdo_dblib')) die('skip not loaded');
require dirname(__FILE__) . '/config.inc';
?>
--FILE--
<?php
require dirname(__FILE__) . '/config.inc';
var_dump($db->quote(true, PDO::PARAM_BOOL));
var_dump($db->quote(false, PDO::PARAM_BOOL));
var_dump($db->quote(42, PDO::PARAM_INT));
var_dump($db->quote(null, PDO::PARAM_NULL));
var_dump($db->quote('\'', PDO::PARAM_STR));
var_dump($db->quote('foo', PDO::PARAM_STR));
?>
--EXPECT--
string(3) "'1'"
string(2) "''"
string(4) "'42'"
string(2) "''"
string(4) "''''"
string(5) "'foo'"

Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-04-04 15:43 UTC] ab@php.net 
Automatic comment on behalf of adam.baratz@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9fcfc18ca9a38ed318f8a7026c0eda27aed79f28
Log: Fix #71943: dblib_handle_quoter needs to allocate an extra byte
 [2016-04-04 15:43 UTC] ab@php.net
-Status: Open +Status: Closed
 [2016-07-20 11:32 UTC] davey@php.net 
Automatic comment on behalf of adam.baratz@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9fcfc18ca9a38ed318f8a7026c0eda27aed79f28
Log: Fix #71943: dblib_handle_quoter needs to allocate an extra byte
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 13:01:29 2024 UTC