php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73589 segfault in pdo_dblib_error_handler
Submitted: 2016-11-23 13:52 UTC Modified: -
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: adambaratz@php.net Assigned:
Status: Open Package: PDO DBlib
PHP Version: 7.0.13 OS:
Private report: No CVE-ID: None
 [2016-11-23 13:52 UTC] adambaratz@php.net
Description:
------------
If einfo is provided by dbgetuserdata, a segfault occurs at the strcpy at the end of the function.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-11-23 14:03 UTC] adambaratz@php.net
Example backtrace:

#0  0x00007f871d9ee3c0 in strcpy (__src=<optimized out>, __dest=0x6874206d6f726620 <Address 0x6874206d6f726620 out of bounds>) at string3.h:104
#1  pdo_dblib_error_handler (dbproc=<optimized out>, severity=16, dberr=20018, oserr=-1, dberrstr=0x7f871e9f3560 "General SQL Server error: Check messages from the SQL Server",
    oserrstr=0x0) at pdo_dblib.c:129
#2  0x00007f871e9bccc4 in _dblib_handle_info_message () from libsybdb.so.5
#3  0x00007f871e9ca9fb in tds_process_msg () from libsybdb.so.5
#4  0x00007f871e9ca152 in tds_process_default_tokens () from libsybdb.so.5
#5  0x00007f871e9cb729 in tds_process_tokens () from libsybdb.so.5
#6  0x00007f871e9b60d0 in dbsqlok () from libsybdb.so.5
#7  0x00007f871d9eea89 in pdo_dblib_transaction_cmd (cmd=<optimized out>, dbh=<optimized out>)
    at dblib_driver.c:203
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 16:01:29 2024 UTC