php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72571 SQLite3::bindValue, SQLite3::bindParam crash
Submitted: 2016-07-10 20:34 UTC Modified: 2016-07-11 01:20 UTC
From: dedlegprod at gmail dot com Assigned:
Status: Closed Package: SQLite related
PHP Version: 7.0.8 OS: Linux (Arch)
Private report: No CVE-ID:
 [2016-07-10 20:34 UTC] dedlegprod at gmail dot com
Description:
------------
Hello!

I'm using archlinux, php 7.0.8 and sqlite3 module version => 0.7-dev, library => 3.13.0.

I'm getting crash in SQLite3::bindValue and SQLite3::bindParam. The crash seems to occur when invalid index is passed.

Test script:
---------------
<?php

$db = new SQLite3("./test.db");
$stmt = $db->prepare("select 1, 2, 3 from sqlite_master where 1 = ?");

// bindParam crash
$i = 0;
$stmt->bindParam(0, $i);

// bindValue crash
$stmt->bindParam(0, 1);

// not reached
$stmt->execute();
$db->close();


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-07-11 01:20 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2016-07-11 01:20 UTC] cmb@php.net
Confirmed: <https://3v4l.org/hXF48>.
 [2016-07-11 03:52 UTC] laruence@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a19655cfe39e4207da211610e3fc6550a6af07a0
Log: Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash)
 [2016-07-11 03:52 UTC] laruence@php.net
-Status: Verified +Status: Closed
 [2016-07-20 11:30 UTC] davey@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a19655cfe39e4207da211610e3fc6550a6af07a0
Log: Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash)
 [2016-10-17 10:11 UTC] bwoebi@php.net
Automatic comment on behalf of laruence@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=a19655cfe39e4207da211610e3fc6550a6af07a0
Log: Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash)
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Wed Jul 26 14:01:37 2017 UTC