php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #73589 segfault in pdo_dblib_error_handler
Submitted: 2016-11-23 13:52 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: adambaratz@php.net Assigned:
Status: Open Package: PDO DBlib
PHP Version: 7.0.13 OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: adambaratz@php.net
New email:
PHP Version: OS:

 

 [2016-11-23 13:52 UTC] adambaratz@php.net 
Description:
------------
If einfo is provided by dbgetuserdata, a segfault occurs at the strcpy at the end of the function.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-11-23 14:03 UTC] adambaratz@php.net 
Example backtrace:

#0  0x00007f871d9ee3c0 in strcpy (__src=<optimized out>, __dest=0x6874206d6f726620 <Address 0x6874206d6f726620 out of bounds>) at string3.h:104
#1  pdo_dblib_error_handler (dbproc=<optimized out>, severity=16, dberr=20018, oserr=-1, dberrstr=0x7f871e9f3560 "General SQL Server error: Check messages from the SQL Server",
    oserrstr=0x0) at pdo_dblib.c:129
#2  0x00007f871e9bccc4 in _dblib_handle_info_message () from libsybdb.so.5
#3  0x00007f871e9ca9fb in tds_process_msg () from libsybdb.so.5
#4  0x00007f871e9ca152 in tds_process_default_tokens () from libsybdb.so.5
#5  0x00007f871e9cb729 in tds_process_tokens () from libsybdb.so.5
#6  0x00007f871e9b60d0 in dbsqlok () from libsybdb.so.5
#7  0x00007f871d9eea89 in pdo_dblib_transaction_cmd (cmd=<optimized out>, dbh=<optimized out>)
    at dblib_driver.c:203
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Nov 21 20:01:29 2024 UTC