php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #31039 ocifetchstatement Crashes php when clob length is > 0 && < 3
Submitted: 2004-12-09 17:44 UTC Modified: 2004-12-24 01:00 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: ahmad dot ali at eedo dot com Assigned:
Status: No Feedback Package: OCI8 related
PHP Version: 4.3.8 OS: Linux
Private report: No CVE-ID: None
 [2004-12-09 17:44 UTC] ahmad dot ali at eedo dot com
Description:
------------
THIS IS A CRITICAL bug that is related to 14702 bug but was never followed. Whenever your do a select statement on a clob field (on a linux box) that has a length of less then 3 characters but more then 0 it will crash php. If you need more info please email me at ahmad.ali@eedo.com. We have clients running on oracle and are now stuck with no solutions.

Reproduce code:
---------------
  if(!$port) $port = '1521';
  $tns = "
(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=$host)(PORT=$port)))(CONNECT_DATA=(SID=$dbname)))";

  $conn = ocilogon('xxxxx','xxxxx',$tns);
  
  $SQL = "SELECT MYCLOBFIELD FROM CLOBTABLE";
  
  $Result = ociparse($conn,$SQL);
  while(ocifetchinto($result, &$resultarray,    
                     OCI_RETURN_NULLS + OCI_RETURN_LOBS))
  {
    // It crashes before it even gets here
  }

Expected result:
----------------
not too crash and return the result from ocifetchinto.

Actual result:
--------------
Page not found (PHP crashes)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-12-09 17:46 UTC] tony2001@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

.
 [2004-12-14 17:28 UTC] ahmad dot ali at eedo dot com
(gdb) bt
#0  0x4056bc67 in ttci2u () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#1  0x40335490 in kpulbcr () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#2  0x40579002 in ttcdrv () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#3  0x40448855 in nioqwa () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#4  0x4035a9f2 in upirtrc () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#5  0x4033742d in kpurcsc () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#6  0x4032500c in kpulfrd () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#7  0x40344d7a in OCILobRead () from
/opt/oracle/Oracle8iR3/lib/libclntsh.so.8.0
#8  0x80781c6 in oci_loadlob (connection=0x81d7d0c, mydescr=0x81d7c24,
buffer=0xbfffd9b8, loblen=0xbfffd9bc)
    at oci8.c:1860
#9  0x80771f4 in _oci_make_zval (value=0x81f206c, statement=0x81db77c,
column=0x81e641c, 
    func=0x811d5ef "OCIFetchStatement", mode=8) at oci8.c:1242
#10 0x807bbc6 in zif_ocifetchstatement (ht=2, return_value=0x81e65e4,
this_ptr=0x0, return_value_used=1) at oci8.c:3970
#11 0x8103a55 in execute (op_array=0x81d15e4) at
/home/ch/php-4.1.0/Zend/zend_execute.c:1590
#12 0x80e5cc2 in zend_execute_scripts (type=8, retval=0x0, file_count=3)
at zend.c:814
#13 0x8063921 in php_execute_script (primary_file=0xbffff9d0) at
main.c:1309
#14 0x8061bc4 in main (argc=2, argv=0xbffffa74) at cgi_main.c:738
#15 0x407faf31 in __libc_start_main (main=0x80613d4 <main>, argc=2,
ubp_av=0xbffffa74, init=0x805f8d0 <_init>, 
    fini=0x811843c <_fini>, rtld_fini=0x4000e274 <_dl_fini>,
stack_end=0xbffffa6c) at ../sysdeps/generic/libc-start.c:129
 [2004-12-14 19:13 UTC] tony2001@php.net
Just tried both with 5.1-dev & 4.3.10(release) - works fine.
Are you really still using 4.3.8? 
Did you try any CVS snapshot?
 [2004-12-14 20:50 UTC] ahmad dot ali at eedo dot com
Yes we are using 4.3.8 although one thing I did forget to mention is that were using UTF8 with the MBString library. I haven't tried any newer version since 4.3.8 but I did review all the changes since then and found nothing related to this bug. One thing I did find is that someone else reported a similar bug (#14702) with the exact same setup that we have and had the same problem. Padding the clob with a select statement (e.g. SELECT '~~~' || CLOB_FIELD) seems to fix the problem, but obviously this is not a solution. I will try to provide you a test site if it would help diagnosing the problem.

Cheers, 

Ahmad
 [2004-12-24 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC