php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #81382 OUT-Variables result in ORA-03131
Submitted: 2021-08-25 14:38 UTC Modified: 2021-08-29 09:55 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: php-oci8 dot pkoch at dfgh dot net Assigned: cmb (profile)
Status: Duplicate Package: OCI8 related
PHP Version: 7.4.22 OS: Solaris 11.4 SPARC 64 bigendian
Private report: No CVE-ID: None
 [2021-08-25 14:38 UTC] php-oci8 dot pkoch at dfgh dot net
Description:
------------
Using Out-Variables results in
ORA-03131: an invalid buffer was provided for the next piece
when oci_execute() is called with PHP-7.4.22 under Solaris 11.4 64bit SPARC

Bug https://bugs.php.net/bug.php?id=73002 from 2019 seems to deal with the same problem and provides patches.

Test-Script runs fine with PHP-5.6.37 (both under Solaris 64bit and Linux 32/64bit). It also has no problems with PHP-7.4.22 under Linux 64bit.

Test script:
---------------
$conn=oci_new_connect("scott","tiger","ORCL");
$stat=oci_parse($conn, "begin :out:='Hello World'; end;");
oci_bind_by_name($stat, ":out", $result, 100);
oci_execute($stat);
print "result=$result\n";





Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-08-25 14:44 UTC] cmb@php.net
-Status: Open +Status: Duplicate -Assigned To: +Assigned To: cmb
 [2021-08-25 14:44 UTC] cmb@php.net
> Bug https://bugs.php.net/bug.php?id=73002 from 2019 seems to
> deal with the same problem […]

Then this is a duplicate of bug #73002.

> and provides patches.

Consider to provide pull requests[1] instead for better visibility.

[1] <https://github.com/php/php-src/pulls>
 [2021-08-28 20:00 UTC] php-oci8 dot pkoch at dfgh dot net
Dear OCI8-developers:

ext/oci8/oci8_statement.c has some comments containing the string XXX. Seems as if the developer of this sourcefile marked all lines that had to be fixed somehow.

One of these lines is line 1504:

/* XXX we assume that zend-zval len has 4 bytes */
*alenpp = (ub4*) &Z_STRLEN_P(val);
*bufpp = Z_STRVAL_P(val);
....

Of course this assumption is wrong on 64bit machines where Z_STRLEN is 8 bytes long (i.e. size_t) and ub4 is 4 bytes long.

So when OCI8 retrieves a value it will store its length as as ub4-value into the first 4 bytes of a size_t value. If the 64bit machine was little-endian the resulting size_t-value is equal to the ub4-value. On big-endian machines the resulting size_t-value will be equal to the ub4-value shifted to the left by 32bits. And this causes the ORA-03131 error.

If one wants to store a ub4-value into a size_t-value via a pointer then this pointer must point to the first 4 bytes of the size_t value on little-endian systems and to the last 4 bytes of the size_t value on big-endian systems. And one has to make sure, that the remaining 4 bytes will all be 0.

A better solution is to let the pointer point to a ub4-value and move the value to a size_t-value later.

I added the following 4 lines after line 1505:

/* XXX we assume that zend-zval len has 4 bytes */
*alenpp = (ub4*) &Z_STRLEN_P(val);
if(sizeof(zend_long)==2*sizeof(ub4)){
  zend_long z=1;
  if(*(ub4*)&z==0) ++*alenpp;
}
*bufpp = Z_STRVAL_P(val);
....

Then everything works as expected.

Any comments?

Regards

Peter Koch
 [2021-08-29 09:39 UTC] github dot pkoch at dfgh dot net
The following pull request has been associated:

Patch Name: fix ora-03131 on bigendian 64bit machines
On GitHub:  https://github.com/php/php-src/pull/7422
Patch:      https://github.com/php/php-src/pull/7422.patch
 [2021-08-29 09:49 UTC] php-oci8 dot pkoch at dfgh dot net
> > Bug https://bugs.php.net/bug.php?id=73002 from 2019 seems to
> > deal with the same problem […]
> 
> Then this is a duplicate of bug #73002.
>
> > and provides patches.
>
> Consider to provide pull requests[1] instead for better visibility.
 [2021-08-29 09:55 UTC] php-oci8 dot pkoch at dfgh dot net
> > Bug https://bugs.php.net/bug.php?id=73002 from 2019 seems to
> > deal with the same problem […]
> 
> Then this is a duplicate of bug #73002.
>
> > and provides patches.
>
> Consider to provide pull requests[1] instead for better visibility.

Bug #73002 deals with multiple problems and the pull request I just created deals with one of those only.

Peter
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Mon Oct 25 16:03:36 2021 UTC