php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74021 fetch_array broken data. Data more then MEDIUMBLOB
Submitted: 2017-01-31 11:00 UTC Modified: 2017-03-01 14:56 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: mavgust at radaris dot com Assigned: nikic
Status: Closed Package: MySQLi related
PHP Version: 7.1.1 OS: Linux(Centos)
Private report: No CVE-ID:
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
46 + 45 = ?
Subscribe to this entry?

 
 [2017-01-31 11:00 UTC] mavgust at radaris dot com
Description:
------------
IF size of all reading fields from mysql table  >MEDIUMBLOB (16777215), last field broken 
In php version 7.1.0 all right

Test script:
---------------
$table = 'test';
$m = mysqli_connect("lacalhost", "user", "pwd", "db");
$m->query("CREATE TABLE `".$table."` (  `id` tinyint(4) NOT NULL,  
            `first` mediumblob NOT NULL,
            `second` mediumblob NOT NULL,
            `third` mediumblob NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM");
$sm = $m->prepare("INSERT INTO ".$table." (id,first, second, third) VALUES (?,?,?,?)");    
$sm->bind_param("isss",$id,$d,$d,$d);
$id =  1;
$d = str_pad("1", 6000000, "1");
$sm->execute();
$sm->close();
$res = $m->query("select first,second,third from ".$table." where id=1");
$r=$res->fetch_array();
echo "\n\nFirst: ".md5($r['first']). "\nSecond: ".md5($r['second']). "\nThird: ".md5($r['third']);
$res = $m->query("select third,first,second from ".$table." where id=1");
$r=$res->fetch_array();
echo "\n\nFirst: ".md5($r['first']). "\nSecond: ".md5($r['second']). "\nThird: ".md5($r['third']);
$res = $m->query("select second,third,first from ".$table." where id=1");
$r=$res->fetch_array();
echo "\n\nFirst: ".md5($r['first']). "\nSecond: ".md5($r['second']). "\nThird: ".md5($r['third']);

Expected result:
----------------
First: 0ee40b4246130ee135b58c07382e69f6
Second: 0ee40b4246130ee135b58c07382e69f6
Third: 0ee40b4246130ee135b58c07382e69f6

Actual result:
--------------
First: 0ee40b4246130ee135b58c07382e69f6
Second: 0ee40b4246130ee135b58c07382e69f6
Third: c7090cb3ccbc696b3c6cc1e6c4c2fb29

First: 0ee40b4246130ee135b58c07382e69f6
Second: c7090cb3ccbc696b3c6cc1e6c4c2fb29
Third: 0ee40b4246130ee135b58c07382e69f6

First: c7090cb3ccbc696b3c6cc1e6c4c2fb29
Second: 0ee40b4246130ee135b58c07382e69f6
Third: 0ee40b4246130ee135b58c07382e69f6

Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-02-01 07:46 UTC] andrew dot nester dot dev at gmail dot com
I was unable to reproduce this on latest PHP version.
what is you MySQL configuration, for example, max_allowed_packet?
 [2017-02-01 08:43 UTC] mavgust at radaris dot com
max_allowed_packet | 67108864 
I try 
$res = $m->query("SELECT RPAD('1',9000000,'1') as a,RPAD('1',9000000,'1') as b")
$r = $res->fetch_array()

md5($r['a']) = 42ca0fd16ab6b6d4b9d47dc0a4a8b12a
md5($r['b']) = 6344f4429e683a9d37bef06feecbfe87

BUT REQUEST  $m->query("SELECT RPAD('1',9000000,'1') as a,RPAD('1',9000000,'1') as b,'test' as c")
Return ERROR mysqli_result::fetch_array(): Malformed server packet. Field length pointing 44 bytes after end of packet
I downgrade php package from  php.x86_64 0:7.1.1-2.el7.remi to  php.x86_64 0:7.1.0-1.el7.remi and all work fine
 [2017-02-01 10:48 UTC] andrew dot nester dot dev at gmail dot com
Just added PR on GitHub with fix for this issue.
 [2017-02-12 11:52 UTC] nikic@php.net
Automatic comment on behalf of andrew.nester.dev@gmail.com
Revision: http://git.php.net/?p=php-src.git;a=commit;h=01c1afa79f614fe8376e73f4e73f392160923745
Log: Fixed bug #74021
 [2017-02-12 11:52 UTC] nikic@php.net
-Status: Open +Status: Closed
 [2017-02-16 09:55 UTC] spam2 at rhsoft dot net
i have similar issues on 7.0.15 with a 15 MB base64 data column and fetch_assoc(), hopefully this will be fixed too soon

[16-Feb-2017 10:33:15 Europe/Vienna] PHP Warning:  mysqli_fetch_assoc() [<a href='http://at.php.net/manual/de/function.mysqli-fetch-assoc.php'>function.mysqli-fetch-assoc.php</a>]: Malformed server packet. Field length pointing 22 bytes after end of packet in /phpincludes/global_mysql_class.inc.php on line 639
[16-Feb-2017 10:33:15 Europe/Vienna] PHP Warning:  mysqli_fetch_assoc() [<a href='http://at.php.net/manual/de/function.mysqli-fetch-assoc.php'>function.mysqli-fetch-assoc.php</a>]: Error while reading a row in /phpincludes/global_mysql_class.inc.php on line 639
 [2017-03-01 14:32 UTC] mavgust at radaris dot com
-Status: Closed +Status: Assigned
 [2017-03-01 14:32 UTC] mavgust at radaris dot com
I test in php 7.1.2 this bug not fixed

$res = $m->query("SELECT RPAD('1',9000000,'1') as a,RPAD('1',9000000,'1') as b")
$r = $res->fetch_array()

md5($r['a']) = 42ca0fd16ab6b6d4b9d47dc0a4a8b12a
md5($r['b']) = 6344f4429e683a9d37bef06feecbfe87
 [2017-03-01 14:56 UTC] nikic@php.net
-Status: Assigned +Status: Closed -Assigned To: +Assigned To: nikic
 [2017-03-01 14:56 UTC] nikic@php.net
The fix is in 7.0.17 and 7.1.3. So yes, 7.1.2 still has the issue.
 [2017-03-01 14:56 UTC] spam2 at rhsoft dot net
it's known because the commit did not make it into 7.1.2 who's RC was long out

may i suggest to the developers that they add a comment in which release a fix will be included when closing bugs so that such a closed/re-open not happens all the time?
 [2017-03-14 20:55 UTC] spam2 at rhsoft dot net
'fetch_array' is for sure not the only affected part since we don#t use taht function anywhere while to currently not announced 7.0.17GA fixes that regression in case of fetch_assoc()
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Thu Mar 30 06:01:52 2017 UTC