php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76586 DB2 Binding Parameter Memory Bug
Submitted: 2018-07-06 10:49 UTC Modified: 2018-07-06 11:58 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: dan dot ridgway at proximity dot co dot uk Assigned: vnkbabu (profile)
Status: Assigned Package: ibm_db2 (PECL)
PHP Version: 7.1.19 OS: IBMi V7R3
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dan dot ridgway at proximity dot co dot uk
New email:
PHP Version: OS:

 

 [2018-07-06 10:49 UTC] dan dot ridgway at proximity dot co dot uk
Description:
------------
If you try to bind a parameter of blank or empty in a UPPER(?) query it will try to allocate 1073741824 bytes no matter what field or file you are running the query on.

Exmaple of query that is broken...
SELECT ADDID, ADDNAME from ADDRESS where UPPER(ADDNAME) LIKE UPPER(?)

? is a empty string with no spaces.

The above logs the following error on the function db2_execute($stmt)...
PHP Fatal error: Allowed memory size of 786432000 bytes exhausted (tried to allocate 1073741824 bytes)


Example of query that works...
SELECT ADDID, ADDNAME from ADDRESS where UPPER(ADDNAME) LIKE UPPER('')
Instead of binding the parameter using db2_bind_param you can include the value in the statement and it works fine.

This bug only seems to happen on binding a parameter using db2_bind_param with an empty value that's then used in a UPPER function in the query.




Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-07-06 11:00 UTC] dan dot ridgway at proximity dot co dot uk
-Operating System: V7R3 +Operating System: IBMi V7R3
 [2018-07-06 11:00 UTC] dan dot ridgway at proximity dot co dot uk
Updated OS
 [2018-07-06 11:58 UTC] cmb@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: vnkbabu
 [2018-07-06 11:58 UTC] cmb@php.net
Assigned to maintainer.
 [2018-07-18 12:34 UTC] shlomo dot v at zend dot com
This issue confirmed with latest db2 version 2.0.x 
Appears the LIKE is not working while NOT LIKE is ok.
 [2018-07-18 12:37 UTC] shlomo dot v at zend dot com
This issue confirmed with latest db2 version 2.0.x 
Appears the LIKE is not working while NOT LIKE is ok.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Wed Jul 17 09:01:26 2019 UTC