Bug #35552 access violation on any invalid odbc query
Submitted: 2005-12-05 06:15 UTC Modified: 2006-05-16 22:50 UTC
Votes:4
Avg. Score:4.0 ± 1.0
Reproduced:4 of 4 (100.0%)
Same Version:2 (50.0%)
Same OS:3 (75.0%)
From: humbads at alum dot mit dot edu Assigned: wez
Status: Closed Package: PDO related
PHP Version: 5CVS-2005-12-14 (snap) OS: Windows XP SP2
Private report: No CVE-ID:
 [2005-12-05 06:15 UTC] humbads at alum dot mit dot edu
Description:
------------
PHP crashes with a memory exception when running any query with invalid syntax.  The driver is PDO-ODBC-Visual Foxpro on Windows XP SP2.  The folder has full control permission for IUSR to the directory containing the Foxpro DBF files.

The exception dialog shows:
php-cgi.exe - Application Error
The instruction at "0x7c80a258" reference memory at "0x0000000c". The memory could not be "written".

Using the out-of-the box install of PHP 5.1.1 with pdo and pdo_odbc extensions loaded via php.ini.  Latest Visual Foxpro ODBC driver was downloaded from Microsoft website.


Reproduce code:
---------------
<?php
$db = new PDO("odbc:Driver={Microsoft Visual FoxPro Driver};SourceType=DBF;SourceDB=C:\\temp\\;Exclusive=No");
$db->query("any query with invalid syntax");
?>

Expected result:
----------------
Should give a proper error message, no?


 [2005-12-05 18:54 UTC] humbads at alum dot mit dot edu
This is with the latest snapshot release: php5.1-win32-200512051530.zip

Here is the stack trace:

>	kernel32.dll!_GetMBNoDefault@24()  + 0x6a	
 	kernel32.dll!_WideCharToMultiByte@32()  + 0x120	
 	odbc32.dll!_SQLError@32()  + 0xaa	
 	php_pdo_odbc.dll!pdo_odbc_error(_pdo_dbh_t * dbh=0x0071e6c8, _pdo_stmt_t * stmt=0x0071ebb8, void * statement=0x00000000, char * what=0x005f3194, const char * file=0x005f31cc, int line=175, void * * * tsrm_ls=0x00323f68)  Line 82	C
 	php_pdo_odbc.dll!odbc_handle_preparer(_pdo_dbh_t * dbh=0x0071e6c8, const char * sql=0x0071e878, long sql_len=13, _pdo_stmt_t * stmt=0x0071ebb8, _zval_struct * driver_options=0x00000000, void * * * tsrm_ls=0x00323f68)  Line 175 + 0x20	C
 	php_pdo.dll!zif_PDO_query(int ht=1, _zval_struct * return_value=0x0071e808, _zval_struct * * return_value_ptr=0x00000000, _zval_struct * this_ptr=0x0071e878, int return_value_used=0, void * * * tsrm_ls=0x0000000d)  Line 992 + 0x2f	C
 	php5ts.dll!zend_do_fcall_common_helper_SPEC(_zend_execute_data * execute_data=0x0012fb38, void * * * tsrm_ls=0x00323f68)  Line 192 + 0x35	C
 	php5ts.dll!ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER(_zend_execute_data * execute_data=0x0012fb38, void * * * tsrm_ls=0x00323f68)  Line 314 + 0x11	C
 	php5ts.dll!execute(_zend_op_array * op_array=0x00320000, void * * * tsrm_ls=0x0071dda0)  Line 92 + 0xc	C
 	ntdll.dll!_RtlFreeHeap@12()  + 0x130	
 	ntdll.dll!_NtReadFile@36()  + 0xc	
 	kernel32.dll!_ReadFile@20()  + 0x8a	


Unhandled exception at 0x7c80a258 (kernel32.dll) in php-cgi.exe: 0xC0000005: Access violation writing location 0x0000000c.
 [2005-12-14 06:02 UTC] wez@php.net
I made an adjustment to the way that we pull out the error information; I'm not sure that it will have resolved this particular issue, but it's worth trying it out while you're checking to see if #35620 is fixed.
 [2005-12-14 09:11 UTC] humbads at alum dot mit dot edu
This one still gives an exception, but it is different from before.  The call stack is one thousand deep. I'm using snapshot php5.1-win32-200512140730.zip.

Unhandled exception at 0x005f1164 (php_pdo_odbc.dll) in php-cgi.exe: 0xC0000005: Access violation writing location 0x00000012.

>	php_pdo_odbc.dll!pdo_odbc_error(_pdo_dbh_t * dbh=0x0071e338, _pdo_stmt_t * stmt=0x0071e850, void * statement=0x00000000, char * what=0x005f3194, const char * file=0x005f31cc, int line=202, void * * * tsrm_ls=0x00324090)  Line 101 + 0x7	C
 	php_pdo_odbc.dll!odbc_handle_preparer(_pdo_dbh_t * dbh=0x0071e338, const char * sql=0x0071e510, long sql_len=13, _pdo_stmt_t * stmt=0x0071e850, _zval_struct * driver_options=0x00000000, void * * * tsrm_ls=0x00324090)  Line 202 + 0x20	C
 	php_pdo.dll!zif_PDO_query(int ht=1, _zval_struct * return_value=0x0071e4a0, _zval_struct * * return_value_ptr=0x00000000, _zval_struct * this_ptr=0x0071e510, int return_value_used=0, void * * * tsrm_ls=0x0000000d)  Line 992 + 0x2f	C
 	php5ts.dll!10018d52() 	
 	php5ts.dll!100b4b32() 	
 	php5ts.dll!10018765() 	
 	php5ts.dll!100186e5() 	
 	php5ts.dll!10008d52() 	
... ... REPEATS MANY TIMES
 	php5ts.dll!100a7b94() 	
 	php5ts.dll!10002e2d() 	
 	msvcrt.dll!_free()  + 0xc3	
 	ntdll.dll!_RtlFreeHeap@12()  + 0x130	
 	00300030()	
 	odbc32.dll!_SearchStatusCode@8()  + 0x25	
 	odbc32.dll!_MPLeaveCriticalSection()  + 0x17	
 	0012fa34()	
 	odbc32.dll!_SQLPrepare@12()  + 0x96	
 	php_pdo_odbc.dll!odbc_handle_preparer(_pdo_dbh_t * dbh=0x0071e338, const char * sql=0x0071e510, long sql_len=13, _pdo_stmt_t * stmt=0x0071e850, _zval_struct * driver_options=0x00000000, void * * * tsrm_ls=0x00324090)  Line 202 + 0x20	C
 	php_pdo.dll!zif_PDO_query(int ht=1, _zval_struct * return_value=0x0071e4a0, _zval_struct * * return_value_ptr=0x00000000, _zval_struct * this_ptr=0x0071e510, int return_value_used=0, void * * * tsrm_ls=0x0000000d)  Line 992 + 0x2f	C
 	php5ts.dll!10018d52() 	
 	php5ts.dll!100b4b32() 	
 	php5ts.dll!10018765() 	
 	php5ts.dll!100186e5() 	
 	php5ts.dll!10008d52()
 [2005-12-23 12:55 UTC] markus at fischer dot name
I'm experiencing the same behaviour with pdo_odbc and the M$ Access Driver. I can verify this with this snapshot: php5.1-win32-200512231130.zip

My testcase is:
$sDsn = 'odbc:driver={Microsoft Access Driver (*.mdb)};Dbq=beispieldatenbank.mdb;';
$oPdo = new PDO($sDsn);
$oPdo->query('SELEC * FROM ADDRESSES');
 [2006-04-30 00:52 UTC] wez@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fix will be in 5.1.4
 [2006-05-16 22:50 UTC] humbads at alum dot mit dot edu
Confirmed fix in 5.1.4.  Note, you have to print $db->errorInfo() to see the actual error message.
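
The behaviour confirmed in the last comment (a failed query no longer crashes, but the error text has to be fetched explicitly), shown as an added example that is not part of the original report or of PHP's own code. It assumes PHP 7.1 or later with pdo_sqlite, and uses `sqlite::memory:` in place of the reporters' ODBC DSNs so it runs without a FoxPro or Access driver; `run_silent` and `run_exception` are hypothetical helper names.

```php
<?php
// Added example. Assumption: sqlite::memory: stands in for the ODBC DSN
// from the report; the PDO error-reporting API is the same for any driver.
$badSql = 'SELEC * FROM ADDRESSES'; // invalid statement quoted in the thread

function run_silent(PDO $db, string $sql): array
{
    // Silent mode: query() returns false on failure and raises nothing,
    // so the caller has to ask the handle what went wrong.
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT);
    $stmt = $db->query($sql);
    if ($stmt !== false) {
        return ['ok' => true, 'error' => null];
    }
    // errorInfo(): [0] SQLSTATE, [1] driver error code, [2] driver message
    return ['ok' => false, 'error' => $db->errorInfo()];
}

function run_exception(PDO $db, string $sql): array
{
    // Exception mode: the same failure surfaces as a PDOException.
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    try {
        $db->query($sql);
        return ['ok' => true, 'error' => null];
    } catch (PDOException $e) {
        // $e->errorInfo uses the same three-element layout as errorInfo()
        return ['ok' => false, 'error' => $e->errorInfo];
    }
}

$db = new PDO('sqlite::memory:');
$modes = ['silent' => 'run_silent', 'exception' => 'run_exception'];
foreach ($modes as $mode => $fn) {
    $result = $fn($db, $badSql);
    if (!$result['ok']) {
        [$sqlstate, $code, $message] = $result['error'];
        // Keep the driver's message in the server log rather than in the
        // response body; it can reveal schema and driver details.
        error_log("PDO query failed ($mode): $message");
        printf("%s mode: SQLSTATE=%s driver code=%s\n", $mode, $sqlstate, $code);
    }
}
```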
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 10:02:06 2014 UTC