Bug #74186 Error if sql query has a criteria's length larger than columns' max length
Submitted: 2017-03-01 05:29 UTC Modified: 2020-09-29 10:58 UTC
From: lobo__911 at hotmail dot com Assigned:
Status: Verified Package: PDO ODBC
PHP Version: 7.0.16 OS: ALL
Private report: No CVE-ID: None
 [2017-03-01 05:29 UTC] lobo__911 at hotmail dot com
Description:
------------
Please read this GitHub issue and follow the SO question: https://github.com/Microsoft/msphpsql/issues/307


 [2020-09-29 10:58 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2020-09-29 10:58 UTC] cmb@php.net
Test script:

<?php
$pdo = new PDO($dsn, $user, $pass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$pdo->exec("DROP TABLE bug74186");
$pdo->exec("CREATE TABLE bug74186 (col VARCHAR(10))");
$pdo->exec("INSERT INTO bug74186 VALUES ('something')");

$stmt = $pdo->prepare("SELECT * FROM bug74186 WHERE col = ?");
var_dump($stmt->execute([str_repeat("0123456789", 27)]));
?>

Fails with: SQLSTATE[HY010]: Function sequence error.

The problem is that we're binding the parameter[1] with the proper
ColumnSize (aka. precision) of 10[1], but then putting data into
the parameter[2] which exceeds that column size.  The ODBC Driver
for SQL Server (and maybe others as well, but not, for instance,
the MySQL ODBC 8.0 Unicode Driver; according to the ODBC
Specification 3.8 either behavior seems to be conforming) is picky
about that, and SQLPutData() actually fails with [22001] String
data, right truncation; we don't catch that error, but go on
calling SQLParamData() again, which triggers the [HY010] Function
sequence error.

The same issue occurs also if the user prepares respective DML
queries.

It is not clear *how* we should solve this.  We could either be
strict about the length of bound parameters and reject these right
away, or we could be more liberal for strict drivers by silently
truncating the parameter values.  The latter would not break BC,
but might be regarded as the wrong behavior.

[1] <https://github.com/php/php-src/blob/php-7.3.23/ext/pdo_odbc/odbc_stmt.c#L379-L386>
[2] <https://github.com/php/php-src/blob/php-7.3.23/ext/pdo_odbc/odbc_stmt.c#L200-L201>
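
The "strict" option from the comment above, done on the application side as a workaround. This is an added example, not part of the bug report or of php-src; columnMaxLength() and executeChecked() are hypothetical helpers, and it assumes a single-byte VARCHAR column so that byte length is the right measure:

```php
<?php
// Added example: reject over-long parameters before PDO_ODBC hands them to the driver.

/** Declared maximum length of a character column, or null if unbounded or unknown. */
function columnMaxLength(PDO $pdo, string $table, string $column): ?int
{
    $stmt = $pdo->prepare(
        "SELECT CHARACTER_MAXIMUM_LENGTH FROM INFORMATION_SCHEMA.COLUMNS
          WHERE TABLE_NAME = ? AND COLUMN_NAME = ?"
    );
    $stmt->execute([$table, $column]);
    $len = $stmt->fetchColumn();
    $stmt->closeCursor();
    // false: no such column; null: not a character type; negative: e.g. VARCHAR(MAX)
    if ($len === false || $len === null || (int)$len < 0) {
        return null;
    }
    return (int)$len;
}

/** Executes $stmt only if every string parameter fits the limit given for its position. */
function executeChecked(PDOStatement $stmt, array $params, array $maxLengths): bool
{
    foreach ($params as $i => $value) {
        $max = $maxLengths[$i] ?? null;
        if ($max !== null && is_string($value) && strlen($value) > $max) {
            throw new LengthException(sprintf(
                'Parameter %d is %d bytes; column allows %d', $i + 1, strlen($value), $max
            ));
        }
    }
    return $stmt->execute($params);
}

// $dsn, $user and $pass as in the test script above
$pdo = new PDO($dsn, $user, $pass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$max  = columnMaxLength($pdo, 'bug74186', 'col');
$stmt = $pdo->prepare("SELECT * FROM bug74186 WHERE col = ?");
try {
    executeChecked($stmt, [str_repeat("0123456789", 27)], [0 => $max]);
} catch (LengthException $e) {
    // A clear application-level error instead of SQLSTATE[HY010]
    echo $e->getMessage(), "\n";
}
```

The check throws rather than returning an empty result because the page does not settle whether an over-long criterion should be rejected or truncated.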
 
Last updated: Fri Oct 23 12:01:24 2020 UTC