PHP :: Bug #50597 :: odbc_result for a long varchar with defaultlrl=4k returns uninitialized memory

Bug #50597

odbc_result for a long varchar with defaultlrl=4k returns uninitialized memory

Submitted:

2009-12-28 20:59 UTC

Modified:

2020-10-06 15:58 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

cdf123 at cdf123 dot net

Assigned:

cmb (profile)

Status:

Duplicate

Package:

ODBC related

PHP Version:

5.3.1

OS:

Gentoo Linux

Private report:

CVE-ID:

None

View Developer Edit

[2009-12-28 20:59 UTC] cdf123 at cdf123 dot net

Description:
------------
odbc_result looks like it is initializing the result string to the length of the data in the field, but the defaultlrl is limits how much is returned, so the remaining bytes seem to be random uninitialized memory.

Reproduce code:
---------------
<?php
$data = '000';
for($x=1;$x<12;$x++) $data .= $data;
$db = odbc_connect('DSN', 'user', 'pass');
odbc_exec($db, 'CREATE TABLE Temp (id int, seq int, contents varchar(8000))');
odbc_exec($db, 'INSERT INTO Temp (id, seq, contents) VALUES (1, 1, \'' . $data . '\')');
$rst = odbc_exec($db, 'select * from Temp');
while(odbc_fetch_row($rst)) echo odbc_result($rst, 'contents');
odbc_free_result($rst);
?>

Expected result:
----------------
4096 '0's

Actual result:
--------------
4096 '0's and 2048 bytes of binary data

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2020-10-06 15:58 UTC] cmb@php.net

-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb

[2020-10-06 15:58 UTC] cmb@php.net

I'm closing this as duplicate of bug #80147, which has recently
been fixed.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Sat Jan 03 19:00:01 2026 UTC