PHP :: Bug #57358 :: Segfault when executing parametized query

Bug #57358	Segfault when executing parametized query
Submitted:	2006-11-08 13:41 UTC	Modified:	2006-11-22 15:33 UTC
From:	paul dot carlucci at gmail dot com	Assigned:	kfbombar (profile)
Status:	Closed	Package:	PDO_INFORMIX (PECL)
PHP Version:	5.2.0 RC4	OS:	Redhat 8
Private report:	No	CVE-ID:	None

View Developer Edit

[2006-11-08 13:41 UTC] paul dot carlucci at gmail dot com

Description:
------------
PHP 5.2.0 release
PDO_INFORMIX 1.0.1 (not 1.0.0)
Redhat 8
IDS 9.21.UC4
CSDK 2.81.UC3

This looks identical to bug 6717, except I'm already on 1.0.1.

Reproduce code:
---------------
(assuming $dbh is existing)

try {
	$sth = $dbh->prepare("
		SELECT *
		FROM tab
		WHERE tab_type = ?;
	");
	$val = 'xml';
	$sth->bindParam(1, $val, PDO::PARAM_STR);

	if ($sth->execute()) {
		print("<pre>\n");
		while ($row = $sth->fetch()) {
			print_r($row);
		}
		print("</pre>\n");
	}
	else {
		print("Flunked.\n");
	}
	$dbh = null;
} catch (PDOException $e) {
	print "Error!: " . $e->getMessage() . "<br/>";
	die();
}

Expected result:
----------------
No core file

Actual result:
--------------
A core file

(gdb) bt
#0  stmt_parameter_pre_execute (stmt=0x4050aa28, 
curr=0x4050b118)
    at /tmp/pear/cache/PDO_INFORMIX-1.0.1/
informix_statement.c:518
#1  0x0814ee7b in dispatch_param_event (stmt=0x4050aa28, 
    event_type=PDO_PARAM_EVT_EXEC_PRE)
    at /home/paul/build/php-5.2.0/ext/pdo/pdo_stmt.c:149
#2  0x0814f62c in zim_PDOStatement_execute (ht=0, 
return_value=0x4050e374, 
    return_value_ptr=0x0, this_ptr=0x4050e4e0, 
return_value_used=1)
    at /home/paul/build/php-5.2.0/ext/pdo/pdo_stmt.c:453
#3  0x0828f216 in zend_do_fcall_common_helper_SPEC 
(execute_data=0xbfffd320)
    at /home/paul/build/php-5.2.0/Zend/zend_vm_execute.h:200
#4  0x0828eae1 in execute (op_array=0x4050982c)
    at /home/paul/build/php-5.2.0/Zend/zend_vm_execute.h:92
#5  0x082797f3 in zend_execute_scripts (type=8, retval=0x0, 
file_count=3)
    at /home/paul/build/php-5.2.0/Zend/zend.c:1097
#6  0x08246f48 in php_execute_script 
(primary_file=0xbffff720)
    at /home/paul/build/php-5.2.0/main/main.c:1758
#7  0x082d2783 in main (argc=2, argv=0xbffff7b4)
    at /home/paul/build/php-5.2.0/sapi/cli/php_cli.c:1108
#8  0x420158d4 in __libc_start_main () from /lib/i686/
libc.so.6
(gdb) print curr->driver_data
$39 = (void *) 0x0
(gdb)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-11-13 11:33 UTC] kfbombar at us dot ibm dot com

We have not been able to reproduce this segfault.  Can you please provide the PHP script that you are reproducing this with including the table and table contents you are using.  Here is our script that we are trying to reproduce it with:

<?php

$dbh = new PDO("informix:...", "...", "...");

if ($dbh) print "Connection Established!\n\n";

try {
    $sth = $dbh->prepare("select * from systables where tabtype = ?");
    $val = 'T';
    $sth->bindParam(1, $val, PDO::PARAM_STR);

    if ($sth->execute()) {
        print("<pre>\n");
        while ($row = $sth->fetch()) {
            print_r($row);
        }
        print("</pre>\n");
    }
    else {
        print("Flunked.\n");
    }
    $dbh = null;
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}

?>

[2006-11-14 14:16 UTC] paul dot carlucci at gmail dot com

I took your sample code as is (well, connection string 
differing of course) and got the following results:

[paul@host paul]$ php pdo_crash.php 
Connection Established!

Segmentation fault
[paul@host paul]$ 



Installing shared extensions:     /var/tmp/pear-build-root/
install-PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib/php/
extensions/no-debug-non-zts-20060613/
running: find "/var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1" -ls
1112040    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-PDO_INFORMIX-1.0.1
1911748    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr
1112065    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local
1112066    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0
1600831    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib
1601602    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib/php
1601603    4 drwxr-xr-x   3 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib/php/extensions
1601604    4 drwxr-xr-x   2 root     root         4096 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib/php/extensions/
no-debug-non-zts-20060613
1601605  172 -rwxr-xr-x   1 root     root       170303 Nov 
14 14:02 /var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1/usr/local/php-5.2.0/lib/php/extensions/
no-debug-non-zts-20060613/pdo_informix.so

Build process completed successfully
Installing '/var/tmp/pear-build-root/install-
PDO_INFORMIX-1.0.1//usr/local/php-5.2.0/lib/php/extensions/
no-debug-non-zts-20060613/pdo_informix.so'
install ok: channel://pear.php.net/PDO_INFORMIX-1.0.1
[root@host lib]# 



(gdb) bt
#0  stmt_parameter_pre_execute (stmt=0x4050b360, 
curr=0x4050b5d0)
    at /tmp/pear/cache/PDO_INFORMIX-1.0.1/
informix_statement.c:518
#1  0x0814ee7b in dispatch_param_event (stmt=0x4050b360, 
    event_type=PDO_PARAM_EVT_EXEC_PRE)
    at /home/paul/build/php-5.2.0/ext/pdo/pdo_stmt.c:149
#2  0x0814f62c in zim_PDOStatement_execute (ht=0, 
return_value=0x4050aac8, 
    return_value_ptr=0x0, this_ptr=0x4050aa70, 
return_value_used=1)
    at /home/paul/build/php-5.2.0/ext/pdo/pdo_stmt.c:453
#3  0x0828f216 in zend_do_fcall_common_helper_SPEC 
(execute_data=0xbfffd340)
    at /home/paul/build/php-5.2.0/Zend/zend_vm_execute.h:200
#4  0x0828eae1 in execute (op_array=0x40509768)
    at /home/paul/build/php-5.2.0/Zend/zend_vm_execute.h:92
#5  0x082797f3 in zend_execute_scripts (type=8, retval=0x0, 
file_count=3)
    at /home/paul/build/php-5.2.0/Zend/zend.c:1097
#6  0x08246f48 in php_execute_script 
(primary_file=0xbffff740)
    at /home/paul/build/php-5.2.0/main/main.c:1758
#7  0x082d2783 in main (argc=2, argv=0xbffff7d4)
    at /home/paul/build/php-5.2.0/sapi/cli/php_cli.c:1108
#8  0x420158d4 in __libc_start_main () from /lib/i686/
libc.so.6
(gdb) print curr->parameter
$1 = (struct _zval_struct *) 0x4050a9d8
(gdb) print param_res
$2 = (struct _param_node *) 0x0
(gdb)

[2006-11-22 15:33 UTC] kfbombar at us dot ibm dot com

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

This bug has been fixed in CVS Head.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue May 20 00:01:26 2025 UTC