PHP :: Bug #57673 :: sqlite_escape_string handles NULL improperly

Bug #57673	sqlite_escape_string handles NULL improperly
Submitted:	2007-05-15 16:25 UTC	Modified:	2008-10-25 14:19 UTC
From:	phpbugs at wheelhouse dot org	Assigned:	kalle (profile)
Status:	Closed	Package:	SQLite (PECL)
PHP Version:	4.4.5	OS:	Any
Private report:	No	CVE-ID:	None

View Developer Edit

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem: 32 - 20 = ?
Subscribe to this entry?

[2007-05-15 16:25 UTC] phpbugs at wheelhouse dot org

Description:
------------
This is a bug which has been "fixed in CVS" for nearly three years but still exists in the current "stable" version.

It causes bogus results.

Please release a new "stable" version of the sqlite PECL extension that fixes this bug and 11050.



Reproduce code:
---------------
diff -u sqlite.c- sqlite.c
--- sqlite.c-   Tue May 15 12:53:24 2007
+++ sqlite.c    Tue May 15 13:13:50 2007
@@ -1795,12 +1795,14 @@
                enclen = sqlite_encode_binary((const unsigned char*)string, stringlen, ret+1);
                RETVAL_STRINGL(ret, enclen+1, 0);
 
-       } else  {
+       } else if (stringlen)  {
                ret = sqlite_mprintf("%q", string);
                if (ret) {
                        RETVAL_STRING(ret, 1);
                        sqlite_freemem(ret);
                }
+       } else {
+               RETURN_EMPTY_STRING();
        }
 }
 /* }}} */


Expected result:
----------------
See http://bugs.php.net/bug.php?id=36867

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-10-24 18:05 UTC] kalle@php.net

This was also fixed in a PHP release, hence why no pecl release.

[2008-10-24 19:27 UTC] phpbugs at wheelhouse dot org

This bug is in reference to PHP 4, with which SQLite is not included.  Hence the need to fix it in PECL.

But at this very late date, PHP 4 support doesn't seem like a priority, so maybe this package should be pulled from PECL altogether.

[2008-10-25 08:20 UTC] kalle@php.net

This is ofcourse a bad mistake from the maintainers, but since at the time SQLite was moved into PHP5's source then it was mainly maintained there.

And I would expect a PHP4 release, its unsupported and no bugs are fixed for it anymore.

[2008-10-25 14:19 UTC] phpbugs at wheelhouse dot org

I assume you mean you would NOT expect a new release of this module since it is only used by PHP 4.

This many years late, I don't think I expected a new release either, so I guess that's that.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Nov 02 14:00:01 2025 UTC