Bug #53323 pdo_firebird getAttribute() crash
Submitted: 2010-11-16 17:44 UTC Modified: 2010-11-16 22:04 UTC
From: preeves at ibphoenix dot com Assigned: felipe
Status: Closed Package: PDO related
PHP Version: 5.3.3 OS:
Private report: No CVE-ID:
 [2010-11-16 17:44 UTC] preeves at ibphoenix dot com
There is a bug and a few omissions in firebird_handle_get_attribute.

Most significantly it declares tmp[200] which is used to store the server 
version. Unfortunately, a typical server version string is now over 300 bytes 
long. So this call just blows the driver out of the water, leaves this error 
in the apache log:

*** stack smashing detected ***: /usr/sbin/httpd2-prefork terminated
[Tue Nov 16 13:42:53 2010] [notice] child pid 11656 exit signal Segmentation fault (11)

and the user is left staring at a server timeout error in the browser. This is 
easily fixed by declaring tmp[]  to be larger.

Less seriously, these attributes are not handled:


so if they are called outside a try..catch then the call will fail badly. It 
is not obvious that a try..catch should be required so it is probably better 
to just handle these cases in the driver.

I've attached a patch which fixes all of these issues.


php-5.3.3-pdo_firebird_driver_attributes.patch (last revision 2010-11-16 16:45 UTC by preeves at ibphoenix dot com)
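
The overflow described in the report, as an added example (not the pdo_firebird source and not the attached patch): a 200-byte stack buffer receiving a version string of more than 300 bytes. It goes beyond the report's fix of enlarging the buffer by bounding the write and reporting truncation; the function names and the constructed version string are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define VERSION_BUF 200 /* same size as the tmp[200] named in the report */

/* Unsafe pattern: the destination size is never consulted, so any string
 * longer than the buffer overwrites adjacent stack memory. */
void copy_version_unchecked(char *dst, const char *version)
{
    strcpy(dst, version);
}

/* Bounded form: writes at most dst_size bytes including the terminator.
 * Returns 0 if the string fit, 1 if it was truncated, -1 on bad arguments. */
int copy_version_bounded(char *dst, size_t dst_size, const char *version)
{
    int n;
    if (dst == NULL || dst_size == 0 || version == NULL)
        return -1;
    n = snprintf(dst, dst_size, "%s", version);
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    return (size_t)n >= dst_size ? 1 : 0;
}

/* Builds a constructed version string of `len` bytes (a stand-in for the
 * real server string) and copies it into a 200-byte stack buffer using the
 * bounded form. Stores the resulting length and returns the status code. */
int demo(size_t len, size_t *stored_len)
{
    char src[512];
    char tmp[VERSION_BUF];
    int rc;
    if (len >= sizeof(src) || stored_len == NULL)
        return -1;
    memset(src, 'V', len);
    src[len] = '\0';
    rc = copy_version_bounded(tmp, sizeof(tmp), src);
    *stored_len = strlen(tmp);
    return rc;
}

int main(void)
{
    char small[VERSION_BUF];
    size_t n = 0;
    copy_version_unchecked(small, "short string"); /* safe only because it fits */
    printf("rc=%d stored=%zu\n", demo(320, &n), n);
    return 0;
}
```

A caller that needs the full string can treat a return value of 1 as a signal to retry with a larger buffer instead of silently using the truncated value.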

 [2010-11-16 22:02 UTC]
Automatic comment from SVN on behalf of felipe
Log: - Fixed bug #53323 (pdo_firebird getAttribute() crash)
  patch by: preeves at ibphoenix dot com
 [2010-11-16 22:04 UTC]
-Summary: Some calls to pdo_firebird getAttribute crash
+Summary: pdo_firebird getAttribute() crash
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: felipe
 [2010-11-16 22:04 UTC]
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Thanks for the patch!

I've modified the patch a bit: I removed the lines adding PDO_ATTR_PREFETCH and PDO_ATTR_TIMEOUT, as this is not a pdo_firebird problem; the PDO drivers work this way.
Last updated: Tue Oct 13 08:01:52 2015 UTC