|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #73589 segfault in pdo_dblib_error_handler
Submitted: 2016-11-23 13:52 UTC Modified: -
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: Assigned:
Status: Open Package: PDO DBlib
PHP Version: 7.0.13 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
New email:
PHP Version: OS:


 [2016-11-23 13:52 UTC]
If einfo is provided by dbgetuserdata, a segfault occurs at the strcpy at the end of the function.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2016-11-23 14:03 UTC]
Example backtrace:

#0  0x00007f871d9ee3c0 in strcpy (__src=<optimized out>, __dest=0x6874206d6f726620 <Address 0x6874206d6f726620 out of bounds>) at string3.h:104
#1  pdo_dblib_error_handler (dbproc=<optimized out>, severity=16, dberr=20018, oserr=-1, dberrstr=0x7f871e9f3560 "General SQL Server error: Check messages from the SQL Server",
    oserrstr=0x0) at pdo_dblib.c:129
#2  0x00007f871e9bccc4 in _dblib_handle_info_message () from
#3  0x00007f871e9ca9fb in tds_process_msg () from
#4  0x00007f871e9ca152 in tds_process_default_tokens () from
#5  0x00007f871e9cb729 in tds_process_tokens () from
#6  0x00007f871e9b60d0 in dbsqlok () from
#7  0x00007f871d9eea89 in pdo_dblib_transaction_cmd (cmd=<optimized out>, dbh=<optimized out>)
    at dblib_driver.c:203
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Apr 15 10:01:29 2024 UTC