php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #41596 crash. when sql syntax is invalid
Submitted: 2007-06-05 10:48 UTC Modified: 2007-06-05 22:56 UTC
From: develar at gmail dot com Assigned: iliaa
Status: Closed Package: PDO related
PHP Version: 5.2.3 OS: Windows XP SP2
Private report: No CVE-ID:
 [2007-06-05 10:48 UTC] develar at gmail dot com
Description:
------------
'delete from users."users where id = :id' is wrong, must be 'delete from users."users" where id = :id', but why pdo crash.

Reproduce code:
---------------
<?php

$Db = new PDO('pgsql:host=192.168.0.66;dbname=test', 'postgres', 'password');
$Db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$Db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);

$Pdo = $Db->prepare('delete from users."users where id = :id');
$Pdo->bindValue(':id', 45, PDO::PARAM_INT);
$Pdo->execute();

?>

Expected result:
----------------
not crash

Actual result:
--------------
crash

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-06-05 10:56 UTC] tony2001@php.net
Please define "crash".
 [2007-06-05 11:03 UTC] develar at gmail dot com
Apache die.

Server API: Apache 2.0 Handler.
Apache Version: Apache/2.0.59 (Win32).
 [2007-06-05 11:29 UTC] tony2001@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2007-06-05 15:20 UTC] develar at gmail dot com
Call Stack: PHP_PDO! 00fb5323()

It what is necessary?
 [2007-06-05 15:40 UTC] tony2001@php.net
Compare it to the backtrace here:
http://bugs.php.net/bugs-generating-backtrace-win32.php
 [2007-06-05 17:00 UTC] develar at gmail dot com
win must die. I use debian 4 (Linux 2.6.18-4-486), gdb.

#0  0x081a63c8 in pdo_parse_params (stmt=0xb79eec0c, inquery=0xb79eeb14 "delete from users.\"users where id = :id", inquery_len=39, outquery=0xbff3b3c0, outquery_len=0xbff3b3bc) at /tmp/php-5.2.3/ext/pdo/pdo_sql_parser.c:391
#1  0x081aaf63 in pgsql_handle_preparer (dbh=0xb79ee6c4, sql=0xb79eeb14 "delete from users.\"users where id = :id", sql_len=39, stmt=0xb79eec0c, driver_options=0x0) at /tmp/php-5.2.3/ext/pdo_pgsql/pgsql_driver.c:254
#2  0x0819b2b7 in zim_PDO_prepare (ht=1, return_value=0xb79ee894, return_value_ptr=0x0, this_ptr=0xb79ed240, return_value_used=1) at /tmp/php-5.2.3/ext/pdo/pdo_dbh.c:580
#3  0x083a93f1 in zend_do_fcall_common_helper_SPEC (execute_data=0xbff3b794) at /tmp/php-5.2.3/Zend/zend_vm_execute.h:200
#4  0x083aa03b in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0xbff3b794) at /tmp/php-5.2.3/Zend/zend_vm_execute.h:322
#5  0x083a8f54 in execute (op_array=0xb79ed938) at /tmp/php-5.2.3/Zend/zend_vm_execute.h:92
#6  0x083848b3 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /tmp/php-5.2.3/Zend/zend.c:1134
#7  0x08333f4a in php_execute_script (primary_file=0xbff3db30) at /tmp/php-5.2.3/main/main.c:1794
#8  0x083fdc3a in main (argc=2, argv=0xbff3dc74) at /tmp/php-5.2.3/sapi/cli/php_cli.c:1138
 [2007-06-05 22:56 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 24 21:01:55 2014 UTC