php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #45373 php crash on query with errors in params
Submitted: 2008-06-27 06:36 UTC Modified: 2008-10-06 15:09 UTC
From: max_wer at ukr dot net Assigned: felipe
Status: Closed Package: InterBase related
PHP Version: 5.2.6 OS: Windows XP SP2
Private report: No CVE-ID:
 [2008-06-27 06:36 UTC] max_wer at ukr dot net
Description:
------------
php crash
where 
  count(params in ibase_execute()) > count(params in SQL-string) and
  query-type is not SELECT


Reproduce code:
---------------
$db  = ibase_connect('127.0.0.1:employee','sysdba','masterkey');
$sql = 
"update country set   currency = ? where country  = ? returning country, currency";/**/
/*"select * from  country where country = ? and currency = ?"; /**/

$t   = ibase_trans(IBASE_WRITE);
$q   = ibase_prepare($db,$t,$sql);
$r   = ibase_execute($q,'USA','Dollar'/*!!!With three param SELECT-OK UPDATE-CRASH*/ ,0/**/);

ibase_rollback($t);
ibase_close($db);

Expected result:
----------------
must be error message


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-07-01 06:27 UTC] lester at lsces dot co dot uk
I can confirm this is happening, but I also get a crash with the select rather than just update.
Unable to modify the SQL 'NOT' to give a crash - which is what I would probably expect since only the number of parameters matter not how they are used.
Firebird 2.0 and PHP5.2.5
 [2008-07-01 09:24 UTC] max_wer at ukr dot net
I beg pardon. I was, probably, inattentive. SELECT query PHP crash too.
PHP 5.2.6 FIREBIRD 2.1.0
 [2008-10-04 22:54 UTC] felipe@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2008-10-06 08:35 UTC] max_wer at ukr dot net

 [2008-10-06 15:09 UTC] felipe@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fixed in 5.2, 5.3 and HEAD.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 16:02:23 2014 UTC