php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50597 odbc_result for a long varchar with defaultlrl=4k returns uninitialized memory
Submitted: 2009-12-28 20:59 UTC Modified: 2020-10-06 15:58 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: cdf123 at cdf123 dot net Assigned: cmb (profile)
Status: Duplicate Package: ODBC related
PHP Version: 5.3.1 OS: Gentoo Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: cdf123 at cdf123 dot net
New email:
PHP Version: OS:

 

 [2009-12-28 20:59 UTC] cdf123 at cdf123 dot net
Description:
------------
odbc_result looks like it is initializing the result string to the length of the data in the field, but the defaultlrl is limits how much is returned, so the remaining bytes seem to be random uninitialized memory.

Reproduce code:
---------------
<?php
$data = '000';
for($x=1;$x<12;$x++) $data .= $data;
$db = odbc_connect('DSN', 'user', 'pass');
odbc_exec($db, 'CREATE TABLE Temp (id int, seq int, contents varchar(8000))');
odbc_exec($db, 'INSERT INTO Temp (id, seq, contents) VALUES (1, 1, \'' . $data . '\')');
$rst = odbc_exec($db, 'select * from Temp');
while(odbc_fetch_row($rst)) echo odbc_result($rst, 'contents');
odbc_free_result($rst);
?>

Expected result:
----------------
4096 '0's

Actual result:
--------------
4096 '0's and 2048 bytes of binary data

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-06 15:58 UTC] cmb@php.net
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2020-10-06 15:58 UTC] cmb@php.net
I'm closing this as duplicate of bug #80147, which has recently
been fixed.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 18:01:29 2024 UTC