php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61212 PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO
Submitted: 2012-02-29 19:21 UTC Modified: 2012-03-14 20:20 UTC
From: anilvarghese25 at gmail dot com Assigned: iliaa
Status: Closed Package: PDO related
PHP Version: 5.3.10 OS: Linux
Private report: No CVE-ID:
 [2012-02-29 19:21 UTC] anilvarghese25 at gmail dot com
Description:
------------
PDO ODBC segfaults when a column less than 256 bytes are retrieved (has to be SUCCESS_WITH_INFO). The buffer is allocated with the assumption the retrieved column is greater than 256 bytes. When a column with say 150 bytes are allocated, the code tries to write 256 bytes to the buffer and results in a segfault.

The segfaults go away by ensuring the column length is checked before assigning characters to the buffer.  

Test script:
---------------
<requires a column coming from the db with a character encoding issue and length less than 256>




Expected result:
----------------
Should work regardless of the length of the column data

Actual result:
--------------
Segmentation Fault

Patches

Segfault_fix_for_pdo_odbc (last revision 2012-02-29 19:21 UTC) by anilvarghese25 at gmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-03-14 20:20 UTC] iliaa@php.net
Automatic comment from SVN on behalf of iliaa
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=324251
Log: Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO).
 [2012-03-14 20:20 UTC] iliaa@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: iliaa
 [2012-03-14 20:20 UTC] iliaa@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 [2012-04-18 09:45 UTC] laruence@php.net
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=283accdf159ed98f5ac4d2f89f9ee2a2de1c946a
Log: Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO).
 [2012-07-24 23:36 UTC] rasmus@php.net
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=283accdf159ed98f5ac4d2f89f9ee2a2de1c946a
Log: Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO).
 [2013-11-17 09:33 UTC] laruence@php.net
Automatic comment on behalf of iliaa
Revision: http://git.php.net/?p=php-src.git;a=commit;h=283accdf159ed98f5ac4d2f89f9ee2a2de1c946a
Log: Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO).
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 03:02:42 2014 UTC