Bug #47415 PDO_Firebird segfaults when passing lowercased column name to bindColumn()
Submitted: 2009-02-16 22:36 UTC Modified: 2011-12-28 10:23 UTC
From: felipe@php.net Assigned: mariuz
Status: Closed Package: PDO related
PHP Version: 5.3CVS-2009-02-16 (CVS) OS: *
Private report: No CVE-ID:
 [2009-02-16 22:36 UTC] felipe@php.net
Description:
------------
The problem only happens when using a lowercased column name in bindColumn calls. Using an uppercased name causes memleaks, though. (probably related to #47414)

Reproduce code:
---------------
<?php

$db = new PDO('firebird:dbname=...', 'sysdba', 'foo');

$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);

@$db->exec('drop table test');
$db->exec('CREATE TABLE test(idx int NOT NULL PRIMARY KEY, txt VARCHAR(20))');
$db->exec('INSERT INTO test VALUES(0, \'String0\')');

$stmt = $db->prepare('SELECT idx, txt FROM test ORDER by idx');

$idx = $txt = 0;

$stmt->bindColumn('idx', $idx);
$stmt->bindColumn('txt', $txt);
$stmt->execute();

$stmt->fetch(PDO::FETCH_BOUND);



Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb79ee8e0 (LWP 5961)]
0x081d3466 in firebird_stmt_get_col (stmt=0x8c3ac5c, colno=-1, ptr=0xbf7fb76c, len=0xbf7fb768, caller_frees=0xbf7fb764, tsrm_ls=0x8af8050)
    at /home/felipe/dev/php5/ext/pdo_firebird/firebird_statement.c:273
273		if (*var->sqlind == -1) {
(gdb) bt
#0  0x081d3466 in firebird_stmt_get_col (stmt=0x8c3ac5c, colno=-1, ptr=0xbf7fb76c, len=0xbf7fb768, caller_frees=0xbf7fb764, tsrm_ls=0x8af8050)
    at /home/felipe/dev/php5/ext/pdo_firebird/firebird_statement.c:273
#1  0x081d47d9 in firebird_stmt_param_hook (stmt=0x8c3ac5c, param=0x8c3b3d4, event_type=PDO_PARAM_EVT_FETCH_POST, tsrm_ls=0x8af8050)
    at /home/felipe/dev/php5/ext/pdo_firebird/firebird_statement.c:555
#2  0x081c766e in dispatch_param_event (stmt=0x8c3ac5c, event_type=PDO_PARAM_EVT_FETCH_POST, tsrm_ls=0x8af8050) at /home/felipe/dev/php5/ext/pdo/pdo_stmt.c:184
#3  0x081c88d2 in do_fetch_common (stmt=0x8c3ac5c, ori=PDO_FETCH_ORI_NEXT, offset=0, do_bind=1, tsrm_ls=0x8af8050) at /home/felipe/dev/php5/ext/pdo/pdo_stmt.c:705
#4  0x081ca077 in do_fetch (stmt=0x8c3ac5c, do_bind=1, return_value=0x8c3b238, how=PDO_FETCH_BOUND, ori=PDO_FETCH_ORI_NEXT, offset=0, return_all=0x0, 
    tsrm_ls=0x8af8050) at /home/felipe/dev/php5/ext/pdo/pdo_stmt.c:934
#5  0x081cba40 in zim_PDOStatement_fetch (ht=1, return_value=0x8c3b238, return_value_ptr=0x0, this_ptr=0x8c38100, return_value_used=0, tsrm_ls=0x8af8050)
    at /home/felipe/dev/php5/ext/pdo/pdo_stmt.c:1391
#6  0x084331b8 in zend_do_fcall_common_helper_SPEC (execute_data=0x8c6745c, tsrm_ls=0x8af8050) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:313
#7  0x08434337 in ZEND_DO_FCALL_BY_NAME_SPEC_HANDLER (execute_data=0x8c6745c, tsrm_ls=0x8af8050) at /home/felipe/dev/php5/Zend/zend_vm_execute.h:422
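
The backtrace above shows `colno=-1` reaching `firebird_stmt_get_col`, which faults on `*var->sqlind` at line 273. The following is an added example, not code from the report or from the PDO_Firebird fix: a small C model, assuming a constructed `struct col` table and hypothetical helper names, of how a case-sensitive name lookup yields -1 for `idx` and how an index check before the dereference contains it.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for per-column fetch state; not the driver's real struct. */
struct col { const char *name; short *sqlind; const char *data; };

static short ind_value = 0, ind_null = -1;   /* -1 marks SQL NULL, as at line 273 */
/* Firebird stores unquoted identifiers in upper case, so the result set has IDX, TXT. */
static struct col cols[] = {
    { "IDX", &ind_value, "0" },
    { "TXT", &ind_null,  NULL },
};
#define NCOLS ((int)(sizeof cols / sizeof cols[0]))

/* Case-sensitive lookup: "idx" is not found and -1 is returned. */
int find_col_exact(const char *name) {
    for (int i = 0; i < NCOLS; i++)
        if (strcmp(cols[i].name, name) == 0) return i;
    return -1;
}

/* ASCII case-insensitive equality, written out to avoid non-standard strcasecmp. */
static int eq_nocase(const char *a, const char *b) {
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
    return *a == *b;
}

/* Case-insensitive lookup: "idx" resolves to column 0. */
int find_col_nocase(const char *name) {
    for (int i = 0; i < NCOLS; i++)
        if (eq_nocase(cols[i].name, name)) return i;
    return -1;
}

/* Guarded accessor: validates colno before indexing, so -1 never reaches
 * the *var->sqlind dereference. Returns 1 on success, 0 on a bad index. */
int get_col_checked(int colno, const char **ptr) {
    if (colno < 0 || colno >= NCOLS) return 0;
    const struct col *var = &cols[colno];
    *ptr = (*var->sqlind == -1) ? NULL : var->data;
    return 1;
}
```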


Patches

Bug-47415-lowercased-column-name-to-bindColumn (last revision 2011-12-13 15:28 UTC by dabramov at american-appraisal dot com)

History

 [2011-12-10 22:47 UTC] mariuz@php.net
-Assigned To: +Assigned To: mariuz
 [2011-12-28 09:52 UTC] mariuz@php.net
Automatic comment from SVN on behalf of mariuz
Revision: http://svn.php.net/viewvc/?view=revision&revision=321462
Log: added testcase for Bug 47415
 [2011-12-28 10:16 UTC] mariuz@php.net
Automatic comment from SVN on behalf of mariuz
Revision: http://svn.php.net/viewvc/?view=revision&revision=321467
Log: fix Bug #47415	PDO_Firebird segfaults when passing lowercased column name to bindColumn()
 [2011-12-28 10:23 UTC] mariuz@php.net
-Status: Assigned +Status: Closed
 [2012-04-18 09:46 UTC] laruence@php.net
Automatic comment on behalf of mariuz
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9e06b7f41db61bb285d5c3b2ec094c9ee2aaee7f
Log: fix Bug #47415	PDO_Firebird segfaults when passing lowercased column name to bindColumn()
 [2012-07-24 23:37 UTC] rasmus@php.net
Automatic comment on behalf of mariuz
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9e06b7f41db61bb285d5c3b2ec094c9ee2aaee7f
Log: fix Bug #47415	PDO_Firebird segfaults when passing lowercased column name to bindColumn()
 [2013-11-17 09:34 UTC] laruence@php.net
Automatic comment on behalf of mariuz
Revision: http://git.php.net/?p=php-src.git;a=commit;h=9e06b7f41db61bb285d5c3b2ec094c9ee2aaee7f
Log: fix Bug #47415	PDO_Firebird segfaults when passing lowercased column name to bindColumn()
 
Last updated: Wed Apr 16 13:02:46 2014 UTC