PHP :: Bug #76726 :: Segmentation fault when fetching truncated 4 bytes Unicode character
Bug #76726 Segmentation fault when fetching truncated 4 bytes Unicode character
Submitted: 2018-08-09 18:17 UTC
Modified: 2018-08-13 11:01 UTC
From: maxiwheat at gmail dot com
Assigned: adambaratz
Status: Assigned
Package: PDO DBlib
PHP Version: 7.2.8
OS: Linux Slackware 14.1
Private report: No
CVE-ID: None

 [2018-08-09 18:17 UTC] maxiwheat at gmail dot com
Description:
------------
We experienced this issue when a string was inserted into a table column of type NVARCHAR and that string ended with a 4-byte Unicode character, but the column was not large enough to contain the whole string, so the string got truncated. Instead of the whole 4-byte character being truncated, it got truncated in the middle (because SQL Server stores strings as UCS-2, 2 bytes per character), becoming an invalid Unicode character. With SQL Server Management Studio, we can still query that column without issues, except that the character is replaced by an invalid character (�).

Test script:
---------------
$conn = new PDO('dblib:host=myhost.local;dbname=MyDB;charset=UTF-8;', 'myuser', 'mypass');

$sql = "DECLARE @test AS NVARCHAR(1) = N'????'; SELECT @test AS test;";
$stmt = $conn->prepare($sql);
$stmt->execute();

// Skip rowcount result
$stmt->nextRowset();

$row = $stmt->fetch(PDO::FETCH_ASSOC);

echo $row['test'];

Expected result:
----------------
Outputs truncated string/byte like � or an empty string, does not segfault.

Actual result:
--------------
Segmentation fault

 [2018-08-09 18:21 UTC] maxiwheat at gmail dot com
a
 [2018-08-09 18:23 UTC] maxiwheat at gmail dot com
SQL query got saved badly, should be:

$sql = "DECLARE @test AS NVARCHAR(1) = N'????'; SELECT @test AS test;";
 [2018-08-09 18:27 UTC] maxiwheat at gmail dot com
Arggggg, cannot even post the bug correctly, it does not appear correctly here... The character that produces the bug is the Christmas tree: https://emojipedia.org/christmas-tree/

// ???? should be a christmas tree emoji
$sql = "DECLARE @test AS NVARCHAR(1) = N'????'; SELECT @test AS test;";
 [2018-08-13 11:01 UTC] cmb@php.net
-Status: Open
+Status: Assigned
-Assigned To:
+Assigned To: adambaratz
 [2018-08-13 11:01 UTC] cmb@php.net
Adam, could you have a look at this issue, please?
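
The data condition described in this report, as an added example that is not part of the report and is not PHP's own code: a bounds-checked UTF-16LE to UTF-8 conversion in C that turns an unpaired surrogate, such as the one left when U+1F384 is cut to a single code unit, into U+FFFD, which matches the expected result stated above. The function names are hypothetical, and the example assumes the column value reaches the converter as UTF-16LE bytes.

```c
#include <stdint.h>
#include <string.h>

/* Append one code point as UTF-8; returns bytes written, 0 if it does not fit. */
static size_t put_utf8(uint32_t cp, unsigned char *out, size_t room)
{
    unsigned char b[4];
    size_t n;
    if (cp < 0x80)         { b[0] = (unsigned char)cp; n = 1; }
    else if (cp < 0x800)   { b[0] = 0xC0 | (cp >> 6);  b[1] = 0x80 | (cp & 0x3F); n = 2; }
    else if (cp < 0x10000) { b[0] = 0xE0 | (cp >> 12); b[1] = 0x80 | ((cp >> 6) & 0x3F);
                             b[2] = 0x80 | (cp & 0x3F); n = 3; }
    else                   { b[0] = 0xF0 | (cp >> 18); b[1] = 0x80 | ((cp >> 12) & 0x3F);
                             b[2] = 0x80 | ((cp >> 6) & 0x3F); b[3] = 0x80 | (cp & 0x3F); n = 4; }
    if (n > room) return 0;
    memcpy(out, b, n);
    return n;
}

/* Assumed input: UTF-16LE bytes. Output: NUL-terminated UTF-8. Unpaired surrogates
 * and an odd trailing byte become U+FFFD. Returns UTF-8 length, -1 if out is too small. */
long utf16le_to_utf8(const unsigned char *in, size_t in_len,
                     unsigned char *out, size_t out_size)
{
    size_t i = 0, o = 0;
    if (out_size == 0) return -1;
    while (i < in_len) {
        uint32_t cp = 0xFFFD;                  /* default for malformed input */
        if (in_len - i < 2) {
            i = in_len;                        /* odd trailing byte */
        } else {
            uint32_t u = in[i] | ((uint32_t)in[i + 1] << 8);
            i += 2;
            if (u < 0xD800 || u > 0xDFFF) cp = u;        /* ordinary BMP unit */
            else if (u <= 0xDBFF && in_len - i >= 2) {   /* high surrogate, more data */
                uint32_t lo = in[i] | ((uint32_t)in[i + 1] << 8);
                if (lo >= 0xDC00 && lo <= 0xDFFF) {      /* valid pair */
                    cp = 0x10000 + ((u - 0xD800) << 10) + (lo - 0xDC00);
                    i += 2;
                }
            }
        }
        size_t n = put_utf8(cp, out + o, out_size - 1 - o);
        if (n == 0) return -1;                 /* never write past the buffer */
        o += n;
    }
    out[o] = '\0';
    return (long)o;
}
```

For the constructed input bytes 3C D8 (the first UTF-16LE code unit of U+1F384 on its own), the function writes EF BF BD, the UTF-8 encoding of U+FFFD.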
 
Last updated: Thu Aug 16 12:01:24 2018 UTC