php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52512 Broken error handling in odbc_execute
Submitted: 2010-08-02 10:57 UTC Modified: 2010-11-07 19:14 UTC
From: mkoegler at auto dot tuwien dot ac dot at Assigned: felipe
Status: Closed Package: ODBC related
PHP Version: 5.3.3 OS: any
Private report: No CVE-ID:
 [2010-08-02 10:57 UTC] mkoegler at auto dot tuwien dot ac dot at
Description:
------------
odbc_execute has problems in its error handling:

* The list of open file descriptors for parameters is not closed properly

params[i].fp is not initialized with -1 => close may be called with a value leftover in memory by safe_emalloc.

* In the case of some errors, the file descriptors are not closed

* The return value of SQLDescribeParam and SQLBindParameter are not checked

Adding these error checks also yields to better error messages with some database systems.


Patches

odbc_execute_errorhandling.patch (last revision 2010-08-02 08:58 UTC) by mkoegler at auto dot tuwien dot ac dot at)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-11-06 18:55 UTC] felipe@php.net
-Status: Open +Status: Feedback
 [2010-11-06 18:55 UTC] felipe@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.


 [2010-11-07 19:13 UTC] felipe@php.net
Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=305170
Log: - Fixed bug #52512 (Broken error handling in odbc_execute)
  patch by: mkoegler at auto dot tuwien dot ac dot at
 [2010-11-07 19:14 UTC] felipe@php.net
-Status: Feedback +Status: Closed -Assigned To: +Assigned To: felipe
 [2010-11-07 19:14 UTC] felipe@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2010-11-07 19:14 UTC] felipe@php.net
Thanks for the patch! :)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 10:03:03 2014 UTC