|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50727 Accesing mysqli->affected_rows on no connection causes segfault
Submitted: 2010-01-12 00:11 UTC Modified: 2010-02-01 11:48 UTC
From: lodeclaassen at gmail dot com Assigned: mysql (profile)
Status: Closed Package: Reproducible crash
PHP Version: 5.2.12 OS: Debian Linux
Private report: No CVE-ID: None
 [2010-01-12 00:11 UTC] lodeclaassen at gmail dot com
I open a mysqli connection that failes (in the tested case wrong password). After that when I try to get the affected rows (mysqli->affected_rows) PHP exits and I only get a blank screen.

The configure command from phpinfo:
'./configure' '--with-apxs2' '--with-curl=/usr/local/lib' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' '--with-gettext' '--with-jpeg-dir=/usr/local/lib' '--with-freetype-dir=/usr/local/lib' '--with-kerberos' '--with-openssl' '--with-mcrypt' '--with-mhash' '--with-mysql=/usr/local/mysql' '--with-mysqli=/usr/local/mysql/bin/mysql_config' '--with-pdo-mysql=/usr/local/mysql' '--with-pear' '--with-png-dir=/usr/local/lib' '--with-zlib' '--with-zlib-dir=/usr/local/lib' '--enable-zip' '--with-iconv=/usr/local' '--enable-bcmath' '--enable-calendar' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-mbstring'

Other settings I don't know, I don't operate the host.

Reproduce code:
echo 'startup<br />';

if (isset($_GET['try']) && $_GET['try'] == 1) {
	$connection = new mysqli('localhost', 'user', 'wrong password', 'SomeExistingTable');
	$connection->query("SELECT `id` FROM `SomeExistingTable` LIMIT 1");
	echo 'affected rows: '.$connection->affected_rows.'<br />';

echo 'ending<br />';

Expected result:
If I request the file with ?try=0 I expect:


When I request ?try=1 I get nothing, a blank screen.

Actual result:
With ?try=1 I expect to see:

affected rows: 


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-01-12 00:40 UTC]
Fixed in 5.3. Can reproduce in 5.2.

A simple fix for this might be

Index: ext/mysqli/mysqli_prop.c
--- ext/mysqli/mysqli_prop.c	(revision 293046)
+++ ext/mysqli/mysqli_prop.c	(working copy)
@@ -162,7 +162,7 @@
  	mysql = (MY_MYSQL *)((MYSQLI_RESOURCE *)(obj->ptr))->ptr;
-	if (!mysql) {
+	if (!mysql || !mysql->mysql) {
 	} else {

Untested and other properties might be affected - might be better to backport the fix from 5.3.
 [2010-01-12 01:28 UTC] lodeclaassen at gmail dot com
Do you know what properties/functions are affected apart from affected_rows? Or is that the only one?

My current fix/workaround was to test isset(affected_rows), but I've noticed that isset(insert_id) fails even if it has a number.
 [2010-02-01 11:37 UTC]
Automatic comment from SVN on behalf of andrey
Log: backport checks from 5.3 which fix one known segfault,
and maybe others unknown.
Bug #50727 	Accesing mysqli->affected_rows on no connection causes segfault
 [2010-02-01 12:18 UTC]
Automatic comment from SVN on behalf of uw
Log: Tests related to #50727
 [2010-02-04 20:28 UTC]
Automatic comment from SVN on behalf of johannes
Log: Merge mysql changes

293815 Add possibility to restrain the number of levels (andrey)
293816 decrement correctly! (andrey)
293976 Fix for bug#50772  (andrey)
294302 Tests related to #50727 (uw)
294313 Fix a bug in mysqlnd where a pointer was not incremented (andrey)
294317 Fix second bug in that code, + instead of += thus not increasing (andrey)
294337 No idea which recent change has cause this little API change, however it is not (uw)
294421 Pass tsrmls to all functions, which might need it in the future. (andrey)
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Fri Aug 19 14:05:45 2022 UTC