PHP :: Bug #66762

Return to Bug #66762
Patch mysqli-protect-link.patch	revision 2014-02-25 07:44 UTC by remi@php.net revision 2014-02-25 07:32 UTC by remi@php.net revision 2014-02-24 18:21 UTC by remi@php.net revision 2014-02-24 16:35 UTC by remi@php.net

Patch mysqli-protect-link.patch for MySQLi related Bug #66762

Patch version 2014-02-25 07:32 UTC

Return to Bug #66762 | Download this patch

This patch is obsolete

Obsoleted by patches:

mysqli-protect-link.patch, revision 2014-02-25 07:44 UTC

This patch renders other patches obsolete

Obsolete patches:

mysqli-protect-link.patch, revision 2014-02-24 18:21 UTC

Patch Revisions: 2014-02-25 07:44 UTC | 2014-02-25 07:32 UTC | 2014-02-24 18:21 UTC | 2014-02-24 16:35 UTC

Developer: remi@php.net


 diff -ru ext/mysqli.old/mysqli_api.c ext/mysqli/mysqli_api.c
 --- ext/mysqli.old/mysqli_api.c	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/mysqli_api.c	2014-02-24 17:30:05.962796158 +0100
 @@ -1868,6 +1868,9 @@
  		MYSQLI_REPORT_MYSQL_ERROR(mysql->mysql);
 diff -up ext/mysqli/mysqli_api.c.orig ext/mysqli/mysqli_api.c
 --- ext/mysqli/mysqli_api.c.orig	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/mysqli_api.c	2014-02-25 08:16:43.597710792 +0100
 @@ -1869,6 +1869,10 @@ PHP_FUNCTION(mysqli_prepare)
   		efree(stmt);
   		RETURN_FALSE;
 +	} else {
 +		stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +		zend_objects_store_add_ref_by_handle(stmt->link_handle);
   	}
  
  	mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
 @@ -2413,6 +2416,8 @@
  		efree(stmt);
  		RETURN_FALSE;
  	}
 +	stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +	zend_objects_store_add_ref_by_handle(stmt->link_handle);
  
 +#ifndef MYSQLI_USE_MYSQLND
 +	stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +	zend_objects_store_add_ref_by_handle(stmt->link_handle);
 +#endif
  
  	mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
  	mysqli_resource->ptr = (void *)stmt;
 @@ -2413,6 +2417,10 @@ PHP_FUNCTION(mysqli_stmt_init)
  		efree(stmt);
  		RETURN_FALSE;
  	}
 +#ifndef MYSQLI_USE_MYSQLND
 +	stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +	zend_objects_store_add_ref_by_handle(stmt->link_handle);
 +#endif
  
   	mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
   	mysqli_resource->status = MYSQLI_STATUS_INITIALIZED;
 diff -ru ext/mysqli.old/mysqli.c ext/mysqli/mysqli.c
 --- ext/mysqli.old/mysqli.c	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/mysqli.c	2014-02-24 17:30:47.903105654 +0100
 @@ -181,6 +181,9 @@
  	if (stmt->query) {
  		efree(stmt->query);
  	}
 diff -up ext/mysqli/mysqli.c.orig ext/mysqli/mysqli.c
 --- ext/mysqli/mysqli.c.orig	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/mysqli.c	2014-02-25 08:21:37.336860837 +0100
 @@ -176,8 +176,11 @@ void php_clear_stmt_bind(MY_STMT *stmt T
  	php_free_stmt_bind_buffer(stmt->param, FETCH_SIMPLE);
  	/* Clean output bind */
  	php_free_stmt_bind_buffer(stmt->result, FETCH_RESULT);
 -#endif
  
  +	if (stmt->link_handle) {
  +	    zend_objects_store_del_ref_by_handle(stmt->link_handle TSRMLS_CC);
  +	}
  	efree(stmt);
  }
  /* }}} */
 @@ -1068,6 +1071,9 @@
  	if (!stmt->stmt) {
 +#endif
  	if (stmt->query) {
  		efree(stmt->query);
  	}
 @@ -1069,6 +1072,10 @@ PHP_FUNCTION(mysqli_stmt_construct)
   		efree(stmt);
   		RETURN_FALSE;
 +	} else {
 +		stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +		zend_objects_store_add_ref_by_handle(stmt->link_handle);
   	}
 +#ifndef MYSQLI_USE_MYSQLND
 +	stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
 +	zend_objects_store_add_ref_by_handle(stmt->link_handle);
 +#endif
   
   	mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
 diff -ru ext/mysqli.old/php_mysqli_structs.h ext/mysqli/php_mysqli_structs.h
 --- ext/mysqli.old/php_mysqli_structs.h	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/php_mysqli_structs.h	2014-02-24 17:28:08.187924703 +0100
 @@ -116,6 +116,7 @@
  	mysqli_resource->ptr = (void *)stmt;
 diff -up ext/mysqli/php_mysqli_structs.h.orig ext/mysqli/php_mysqli_structs.h
 --- ext/mysqli/php_mysqli_structs.h.orig	2014-02-05 11:00:36.000000000 +0100
 +++ ext/mysqli/php_mysqli_structs.h	2014-02-25 08:16:43.598710795 +0100
 @@ -116,6 +116,10 @@ typedef struct {
   	BIND_BUFFER	param;
   	BIND_BUFFER	result;
   	char		*query;
 +#ifndef MYSQLI_USE_MYSQLND
 +	/* used to manage refcount with libmysql (already implement in mysqlnd) */
  +	zend_object_handle link_handle;
 +#endif
   } MY_STMT;
   
   typedef struct {
 diff -up ext/mysqli/tests/bug66762.phpt.orig ext/mysqli/tests/bug66762.phpt
 --- ext/mysqli/tests/bug66762.phpt.orig	2014-02-25 08:16:17.118619251 +0100
 +++ ext/mysqli/tests/bug66762.phpt	2014-02-25 08:31:33.252385139 +0100
 @@ -0,0 +1,26 @@
 +--TEST--
 +Bug #66762 	mysqli@libmysql segfault in mysqli_stmt::bind_result() when link closed
 +--SKIPIF--
 +<?php
 +require_once('skipif.inc');
 +require_once('skipifconnectfailure.inc');
 +?>
 +--FILE--
 +<?php
 +	require_once("connect.inc");
 +
 +	$mysqli = new mysqli($host, $user, $passwd, $db);
 +
 +	$read_stmt = $mysqli->prepare("SELECT 1");
 +
 +	var_dump($read_stmt->bind_result($data));
 +
 +	unset($mysqli);
 +	var_dump($read_stmt->bind_result($data));
 +	
 +?>
 +done!
 +--EXPECT--
 +bool(true)
 +bool(true)
 +done!
 \ Pas de fin de ligne à la fin du fichier

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 16 12:01:29 2024 UTC