php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52891 Wrong data inserted with mysqli/mysqlnd when using bind_param,value>LONG_MAX
Submitted: 2010-09-20 08:56 UTC Modified: 2010-09-22 14:18 UTC
From: andrey@php.net Assigned: mysql
Status: Closed Package: MySQLi related
PHP Version: 5.3SVN-2010-09-20 (SVN) OS: All
Private report: No CVE-ID:
 [2010-09-20 08:56 UTC] andrey@php.net
Description:
------------
LONG_MAX is differs from platform to platform. 
Because zval internally uses a signed long for integer fields when the value in the script is over LONG_MAX, or under -LONG_MAX-1 then the value is fit into a double. When using mysqli_stmt_bind_param with such a value and "i" modifier then the value is converted back to long, which results in incorrect results - like if the VALUE was LONG_MAX+1 the result will be -1 (internally it is a signed long).

Test script:
---------------
CREATE TABLE tint(a bigint unsigned);


./php -r '$c=mysqli_connect("127.0.0.1","root","root","test");$s=$c->prepare("insert into tint values(?)");$param=4294967295;$s->bind_param("i",$param);var_dump($s->execute());'
bool(true)

Expected result:
----------------
Don't bork the data. Check if the value can't be fit into a long, and if this is the case use string to send to the server (changing the modifier to "s" just for the next execution, preserve "i" for further executions).

Actual result:
--------------
-1

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-09-20 08:57 UTC] andrey@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: mysql
 [2010-09-22 13:38 UTC] andrey@php.net
Automatic comment from SVN on behalf of andrey
Revision: http://svn.php.net/viewvc/?view=revision&revision=303671
Log: Fix for
Bug #52891 Wrong data inserted with mysqli/mysqlnd when using bind_param,value>LONG_MAX
 [2010-09-22 14:18 UTC] andrey@php.net
-Status: Assigned +Status: Closed
 [2010-09-22 14:18 UTC] andrey@php.net
Fix will be part of 5.3.4
 [2010-09-22 16:26 UTC] andrey@php.net
Automatic comment from SVN on behalf of andrey
Revision: http://svn.php.net/viewvc/?view=revision&revision=303675
Log: fix for bug 52891 - optimize a bit
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 18 00:01:21 2014 UTC