php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #72225 NULL is not correct escaped by mysqli.real-escape-string
Submitted: 2016-05-16 17:27 UTC Modified: 2016-05-16 17:55 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: dc at ftb-esv dot de Assigned:
Status: Not a bug Package: MySQLi related
PHP Version: 5.5.35 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dc at ftb-esv dot de
New email:
PHP Version: OS:

 

 [2016-05-16 17:27 UTC] dc at ftb-esv dot de 
Description:
------------
---
From manual page: http://www.php.net/mysqli.real-escape-string
---
real_escape_string escapes a NULL to "\0", but this is wrong!
It must be escaped to "\000" or conversions are wrong, if a digit follows.

Test script:
---------------
$a = "a\000" . "1b";
echo mysqli->real_escape_string($a);

RESULT:
a\01b => 'a' . '\01' . 'b'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-05-16 17:55 UTC] requinix@php.net
-Status: Open +Status: Not a bug -Package: *General Issues +Package: MySQLi related
 [2016-05-16 17:55 UTC] requinix@php.net 
MySQL does not have octal escape sequences.

mysql> SELECT "a\01b";
+------+
| a    |
+------+
| a 1b |
+------+
1 row in set (0.00 sec)

mysql> SELECT HEX("a\01b");
+--------------+
| HEX("a\01b") |
+--------------+
| 61003162     |
+--------------+
1 row in set (0.07 sec)
 [2016-05-18 07:59 UTC] dc at ftb-esv dot de 
With this new knowledge (mysql don't support octal escapes) I found the bug in a class of my company.

Thanks for response.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Dec 21 16:01:28 2024 UTC