php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50445 PDO-ODBC stored procedure call from Solaris 64-bit causes seg fault
Submitted: 2009-12-11 00:32 UTC Modified: 2009-12-11 22:32 UTC
From: davbrown4 at yahoo dot com Assigned: felipe
Status: Closed Package: PDO related
PHP Version: 5.2, 5.3, 6 OS: Solaris
Private report: No CVE-ID:
 [2009-12-11 00:32 UTC] davbrown4 at yahoo dot com
Description:
------------
While testing the 64-bit version of our ODBC driver (StarQuest StarSQL http://www.starquest.com) on Solaris SPARC, with unixODBC 2.2.14 (the current stable version),  we encountered a seg fault when when using PDO-ODBC to call a stored procedure.  The patch below (5.3.1) fixed our problem.

The existing php code is making the assumption that an "enum" has the same size as a "long". That is not the case on many 64-bit systems. We fixed this one by using an local intermediate "long" variable. It could likely also be fixed by modifying the format string. 
 
There may be several other faulty assumptions about the size of "enum" that we didn't encounter.

Here are our patches to 5.3.11:


diff -ur pdo-orig/pdo_stmt.c pdo/pdo_stmt.c
--- pdo-orig/pdo_stmt.c 2009-10-19 14:43:34.000000000 -0700
+++ pdo/pdo_stmt.c      2009-12-03 16:31:18.000000000 -0800
@@ -1657,12 +1657,13 @@
 static int register_bound_param(INTERNAL_FUNCTION_PARAMETERS, pdo_stmt_t *stmt, int is_param) /* {{{ */
 {
        struct pdo_bound_param_data param = {0};
+       long param_type;

        param.paramno = -1;
        param.param_type = PDO_PARAM_STR;

        if (FAILURE == zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC,
-                       "lz|llz!", &param.paramno, &param.parameter, &param.param_type, &param.max_value_len,
+                       "lz|llz!", &param.paramno, &param.parameter, &param_type, &param.max_value_len,
                        &param.driver_params)) {
                if (FAILURE == zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sz|llz!", &param.name,
                                &param.namelen, &param.parameter, &param.param_type, &param.max_value_len,
@@ -1671,6 +1672,7 @@
                }
        }

+       param.param_type = (int)param_type;
        if (param.paramno > 0) {
                --param.paramno; /* make it zero-based internally */
        } else if (!param.name) {




Reproduce code:
---------------
<?php

// Connect to the database
try{
$dbh = new PDO("odbc:MAX64", 'USER', 'PWD');
}catch (PDOException $e) {
    print "Error!: " . $e->getMessage();
    die();
}

// Set parameter values
$inval = 'ANNIE';
$inoutval = 'HALL';
$outval = NULL;

// Prepare stored procedure call with three parameters
$sth = $dbh->prepare('CALL USER.SPROC(?, ?, ?)');

// Bind parameter 1 as IN parameter
// Be sure *not* to set a length to indicate it's an IN parameter
$sth->bindParam(1, $inval, PDO::PARAM_STR);

// Bind parameter 2 as INOUT parameter
$sth->bindParam(2, $inoutval, PDO::PARAM_STR|PDO::PARAM_INPUT_OUTPUT, 20);

// Bind parameter 3 as OUT parameter
// Be sure to explicitly set a length to indicate it's an OUTPUT parameter
$sth->bindParam(3, $outval, PDO::PARAM_INT, 20);

// Call the stored procedure
print "Executing stored procedure...\n";
$res = $sth->execute();
....




Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-12-11 22:30 UTC] svn@php.net
Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&revision=292003
Log: - Fixed bug #50445 (PDO-ODBC stored procedure call from Solaris 64-bit causes seg fault).
  (Original patch by davbrown4 at yahoo dot com)
 [2009-12-11 22:32 UTC] felipe@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

I've committed a bit modified patch.
Thanks for the patch!
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 23 14:02:33 2014 UTC