php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57204 sqlite_escape_string tries to consume infinite memory
Submitted: 2006-08-29 17:29 UTC Modified: 2006-10-11 20:17 UTC
From: jose at psabs dot com dot br Assigned:
Status: Closed Package: SQLite (PECL)
PHP Version: 4.4.1 OS: Linux amd64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: jose at psabs dot com dot br
New email:
PHP Version: OS:

 

 [2006-08-29 17:29 UTC] jose at psabs dot com dot br
Description:
------------
On amd64 the sqlite_escape_string function is faulty and causes PHP to
kill the script due to PHP's internal memory limit being reached.

There was a patch to solve this bug,  look at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361605
for more information.


An example script that reproduces this problem is:

<?php
echo sqlite_escape_string("a");
?>

Running this script will result in an error message such as:

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to
allocate -1969234011 bytes) in /var/www/test.php on line 2

The string passed to sqlite_escape_string and the value of the PHP
memory limit do not effect the behaviour of the bug. The number of bytes
attempted to allocate seems completely bogus.

php5-sqlite (linked against the same libsqlite0) is not affected and
neither is php4-sqlite on i386.

This bug is currently breaking the PHPwiki package on amd64 systems.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-10-11 20:17 UTC] ilia at prohost dot org
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 09:01:30 2024 UTC