Bug #34777 (DBLIB) Calling PDO::errorInfo causes SIGSEGV if no errors have occurred
Submitted: 2005-10-07 13:08 UTC Modified: 2005-10-09 21:00 UTC
From: spheroid@php.net Assigned: wez (profile)
Status: Closed Package: PDO related
PHP Version: 5CVS-2005-10-07 (snap) OS: Mac OS X 10.4
Private report: No CVE-ID: None
 [2005-10-07 13:08 UTC] spheroid@php.net
Description:
------------
Calling PDO::errorInfo() after successful query execution might seem a little useless but it really shouldn't crash the process.

I tracked down the problem with valgrind (on a Debian box) and I'm pasting the partial output here:

==2622== Process terminating with default action of signal 11 (SIGSEGV)
==2622==  Access not within mapped region at address 0x0
==2622==    at 0x1B9057F8: strlen (mac_replace_strmem.c:189)
==2622==    by 0x82A11DA: add_next_index_string (zend_API.c:1040)
==2622==    by 0x81556A3: dblib_fetch_error (dblib_driver.c:64)
==2622==    by 0x82C1FB5: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:184)
==2622==    by 0x82C17D8: execute (zend_vm_execute.h:87)
==2622==    by 0x82A02CB: zend_execute_scripts (zend.c:1078)
==2622==    by 0x82689BA: php_execute_script (main.c:1672)
==2622==    by 0x83291C9: main (php_cli.c:1039)

I'm not very good with C but I was able to alter the behavior to be the same (I believe) as with the PgSQL driver with the following patch:

--- dblib_driver.c.old  2005-10-07 11:45:24.000000000 +0300
+++ dblib_driver.c      2005-10-07 11:23:04.000000000 +0300
@@ -54,6 +54,10 @@
                msg = einfo->dberrstr;
        }
 
+       if (einfo->dberr == 0) {
+               return 1;
+       }
+
        spprintf(&message, 0, "%s [%d] (severity %d) [%s]",
                msg, einfo->dberr, einfo->severity, stmt ? stmt->active_query_string : "");
 
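Review bot: the added "if (einfo->dberr == 0)" guard tests the error number, but the valgrind trace in this report faults in strlen on address 0x0, reached through add_next_index_string, so the string pointer that is dereferenced is still never checked. Nothing in the visible lines guarantees that a non-zero dberr implies a non-NULL string, so consider also testing the string for NULL before it is added to the array (or substituting an empty string). The early return could also move above the msg selection, since msg is unused on that path, and a one-line comment saying that dberr == 0 means no error has been recorded would help the next reader.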


Reproduce code:
---------------
<?php

$pdo = new PDO(...);
var_dump($pdo->errorInfo());

?>

Expected result:
----------------
array(1) {
  [0]=>
  string(0) ""
}

Actual result:
--------------
zsh: bus error  /usr/local/bin/php dblib.php


 [2005-10-07 13:36 UTC] sniper@php.net
Assigned to the maintainer.

 [2005-10-09 21:00 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
