Bug #56780 segmentation fault when use PDOStatement::bindParam
Submitted: 2006-01-18 02:15 UTC
Modified: 2016-03-08 01:26 UTC
From: shimooka at doyouphp dot jp
Assigned: sixd
Status: Closed
Package: PDO OCI
PHP Version: Irrelevant
OS: RHEL3.0
Private report: No
CVE-ID: None
 [2006-01-18 02:15 UTC] shimooka at doyouphp dot jp
Description:
------------
When I used PDOStatement::bindParam before PDOStatement::execute,
I got a segmentation fault.

If PDOStatement::bindParam is not used, it works well.

-Apache 2.0.55(tar ball)
-PHP5.1.2
-Oracle Database 9i Standard Edition Release 9.2.0.5.0
-configure options
  ./configure  \
  --with-apxs2=/home/shimooka/usr/local/apache2/bin/apxs \
  --prefix=/home/shimooka/usr/local/lib/php51 \
  --with-config-file-path=/home/shimooka/usr/local/lib/php51/ini/5.1.1 \
  --with-config-file-scan-dir=/home/shimooka/usr/local/lib/php51/ini.d \
  --with-pear=/home/shimooka/usr/local/lib/php51/pear \
  --enable-mbstring \
  --enable-mbregex \
  --enable-zend-multibyte \
  --with-oci8=shared,/opt/oracle/product/9.2.0 \
  --enable-pdo=shared \
  --with-pdo-oci=shared,/opt/oracle/product/9.2.0 \
  --with-libxml-dir=/usr/local/lib \
  --without-pdo-sqlite \
  --without-sqlite \
  --enable-sigchild \
  --enable-debug



Reproduce code:
---------------
<?php
$db = new PDO("oci:dbname=orcl", "scott", "tiger");
$db->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);
$stmt = $db->prepare("SELECT * FROM emp WHERE empno = ? ");
$param = 7499;
$stmt->bindParam(1, $param);
$stmt->execute();
$cnt = 1;
$row = array();
echo '<table border="1">';
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    echo '<tr>';
    echo '<th>' . $cnt++ . '</th>';
    foreach ($row as $column_name => $column_value) {
        echo '<td>' . $column_value . '</td>';
    }
    echo '</tr>';
}
echo '</table>';
$stmt = null;
?>


Expected result:
----------------
results of query

Actual result:
--------------
$ gdb ~/usr/local/apache2/bin/httpd
GNU gdb Red Hat Linux (5.3.90-0.20030710.40rh)
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1".

(gdb) run -X
Starting program: /home/shimooka/usr/local/apache2/bin/httpd -X
[Thread debugging using libthread_db enabled]
[New Thread -1221619584 (LWP 20100)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1221619584 (LWP 20100)]
oci_bind_input_cb (ctx=0xbfff9c50, bindp=0x82c7e14, iter=0, index=0,
    bufpp=0x82c7ee8, alenp=0x82c7e70, piecep=0xbfff4dbc "\a", indpp=0xbfff4dbc)
    at /home/shimooka/usr/local/src/php-5.1.2/ext/pdo_oci/oci_statement.c:177
177             if (P->thing) {
(gdb) un -X
Ambiguous command "un -X": undisplay, unset, until.
(gdb) run -X
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Starting program: /home/shimooka/usr/local/apache2/bin/httpd -X
[Thread debugging using libthread_db enabled]
[New Thread -1221619584 (LWP 20103)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1221619584 (LWP 20103)]
oci_bind_input_cb (ctx=0xbfff9520, bindp=0x82cb20c, iter=0, index=0,
    bufpp=0x82cb2e0, alenp=0x82cb268, piecep=0xbfff468c "\a", indpp=0xbfff468c)
    at /home/shimooka/usr/local/src/php-5.1.2/ext/pdo_oci/oci_statement.c:177
177             if (P->thing) {
(gdb) bt
#0  oci_bind_input_cb (ctx=0xbfff9520, bindp=0x82cb20c, iter=0, index=0,
    bufpp=0x82cb2e0, alenp=0x82cb268, piecep=0xbfff468c "\a", indpp=0xbfff468c)
    at /home/shimooka/usr/local/src/php-5.1.2/ext/pdo_oci/oci_statement.c:177
#1  0xb6485e3c in ttcGetSendInfo ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#2  0xb6486630 in ttcacs () from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#3  0xb648972e in ttcdrv () from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#4  0xb62f0fe9 in nioqwa () from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#5  0xb61a1476 in upirtrc ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#6  0xb61497b5 in kpurcsc ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#7  0xb6109e6e in kpuexecv8 ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#8  0xb610b904 in kpuexec ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#9  0xb616b1f4 in OCIStmtExecute ()
   from /opt/oracle/product/9.2.0/lib/libclntsh.so.9.0
#10 0xb697e0c3 in oci_stmt_execute (stmt=0x82cb20c)
    at /home/shimooka/usr/local/src/php-5.1.2/ext/pdo_oci/oci_statement.c:142
#11 0xb698ab45 in zif_PDOStatement_execute (ht=0, return_value=0x82a572c,
    return_value_ptr=0x0, this_ptr=0x82a5674, return_value_used=0)
    at /home/shimooka/usr/local/src/php-5.1.2/ext/pdo/pdo_stmt.c:426
---Type <return> to continue, or q <return> to quit---
#12 0xb6fec4a2 in zend_do_fcall_common_helper_SPEC (execute_data=0xbfff9940)
    at zend_vm_execute.h:192
#13 0xb6febd59 in execute (op_array=0x82ad7a4) at zend_vm_execute.h:92
#14 0xb6fd3ece in zend_execute_scripts (type=8, retval=0x0, file_count=3)
    at /home/shimooka/usr/local/src/php-5.1.2/Zend/zend.c:1101
#15 0xb6f9e237 in php_execute_script (primary_file=0xbfffbc90)
    at /home/shimooka/usr/local/src/php-5.1.2/main/main.c:1720
#16 0xb70348c4 in php_handler (r=0x823bd08)
    at /home/shimooka/usr/local/src/php-5.1.2/sapi/apache2handler/sapi_apache2.c:584
#17 0x080676a6 in ap_run_handler (r=0x823bd08) at config.c:153
#18 0x08067bbe in ap_invoke_handler (r=0x823bd08) at config.c:364
#19 0x08064f67 in ap_process_request (r=0x823bd08) at http_request.c:249
#20 0x08060e45 in ap_process_http_connection (c=0x822cd88) at http_core.c:251
#21 0x0806fa1e in ap_run_process_connection (c=0x822cd88) at connection.c:43
#22 0x0806621f in child_main (child_num_arg=-1073789300) at prefork.c:610
#23 0x080663ca in make_child (s=0x809bff0, slot=0) at prefork.c:650
#24 0x08066423 in startup_children (number_to_start=5) at prefork.c:722
#25 0x08066b31 in ap_mpm_run (_pconf=0x809a210, plog=0x80c62c0, s=0x809bff0)
    at prefork.c:941
#26 0x0806bbba in main (argc=2, argv=0xbfffc034) at main.c:618
(gdb)



 [2006-02-10 08:51 UTC] s dot zurnieden at media-control dot com
Can confirm this on:

-SuSE Linux 9.1 (i586)
-Apache 2.0.55(tar ball)
-PHP 5.1.2
-Oracle Instant Client 10.2.0.1
-Zend Studio Server

PHP configure:
'./configure' \
'--prefix=/usr' \
'--with-apxs2filter=/usr/sbin/apxs' \
'--sysconfdir=/etc/httpd2' \
'--with-config-file-path=/etc/httpd2' \
'--with-zlib' \
'--enable-bcmath' \
'--with-bz2' \
'--enable-calendar' \
'--with-curl' \
'--enable-dba' \
'--with-inifile' \
'--with-flatfile' \
'--enable-dbase' \
'--enable-exif' \
'--enable-ftp' \
'--with-gd' \
'--with-jpeg-dir=/usr/local' \
'--with-png-dir=/usr/local' \
'--with-freetype-dir=/usr/local' \
'--with-gettext' \
'--enable-mbstring' \
'--with-mcrypt' \
'--with-mhash' \
'--enable-pcntl' \
'--enable-shmop' \
'--enable-ucd-snmp-hack' \
'--enable-soap' \
'--enable-sockets' \
'--enable-sysvmsg' \
'--enable-sysvsem' \
'--enable-sysvshm' \
'--enable-wddx' \
'--with-xsl' \
'--with-pear=/usr/lib/php' \
'--enable-memory-limit' \
'--with-pdo-mysql=shared,/usr/local/mysql-4.0.25' \
'--with-mysql=/usr/local/mysql-4.0.25' \
'--with-oci8=instantclient,/usr/lib/oracle/10.2.0.1/client/lib' \
'--with-pdo-oci=shared,instantclient,/usr,10.2.0.1' \
'--with-xmlrpc' \
'--enable-pdo=shared' \
'--with-pdo-sqlite=shared' \
'--with-sqlite=shared' \
'--enable-sigchild' \
 [2006-02-28 12:21 UTC] radu dot popescu at aldratech dot com
Environment:
  Red Hat Enterprise Linux ES release 4 (Nahant Update 2)
  httpd-2.0.52-22.ent
  PHP Version 5.1.2
  './configure' '--with-apxs2=/usr/sbin/apxs' '--with-oci8=instantclient,/usr/local/instantclient_10_2' '--with-pdo-oci=shared,instantclient,/usr/local/instantclient_10_2,10.2.0.1'

I don't get a segfault but this instead:

Fatal error:  Uncaught exception 'PDOException' with message 'SQLSTATE[HY000]: General error: 24338 OCIStmtFetch: ORA-24338: statement handle not executed
 (/usr/local/src/php-5.1.2/ext/pdo_oci/oci_statement.c:446)' in /var/www/test.com/test.php:15
Stack trace:
#0 /var/www/test.com/test.php(15): PDOStatement->fetch(2)
#1 {main}
  thrown in /var/www/test.com/test.php on line 15


Hope this helps.
 [2006-05-29 04:07 UTC] shimooka at doyouphp dot jp
With php-5.1.4, I got the results of the query with no segfault!
Thanks.
 [2012-06-26 22:27 UTC] sixd@php.net
-Status: Open
+Status: Closed
-Package: PDO_OCI
+Package: *General Issues
-Assigned To:
+Assigned To: sixd
 [2012-06-26 22:27 UTC] sixd@php.net
Doesn't reproduce with recent PHP versions. The query executes as expected.
 [2012-06-26 22:30 UTC] sixd@php.net
-Status: Closed
+Status: Re-Opened
-Package: *General Issues
+Package: PDO related
 [2012-06-26 22:33 UTC] sixd@php.net
-Status: Re-Opened
+Status: Closed
 [2016-03-08 01:26 UTC] sixd@php.net
-Package: PDO related
+Package: PDO OCI
 