mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound)
This commit is contained in:
parent
c35bd4861d
commit
66ad4fc393
4
NEWS
4
NEWS
@ -2,6 +2,10 @@ PHP NEWS
|
||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||
?? ??? 2016 PHP 7.0.8
|
||||
|
||||
- PDO_pgsql:
|
||||
. Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound).
|
||||
(Laruence)
|
||||
|
||||
|
||||
26 May 2016 PHP 7.0.7
|
||||
|
||||
|
@ -288,6 +288,10 @@ static int pgsql_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data *
|
||||
break;
|
||||
|
||||
case PDO_PARAM_EVT_ALLOC:
|
||||
if (!zend_hash_index_exists(stmt->bound_param_map, param->paramno)) {
|
||||
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "parameter was not defined");
|
||||
return 0;
|
||||
}
|
||||
case PDO_PARAM_EVT_EXEC_POST:
|
||||
case PDO_PARAM_EVT_FETCH_PRE:
|
||||
case PDO_PARAM_EVT_FETCH_POST:
|
||||
@ -315,10 +319,12 @@ static int pgsql_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data *
|
||||
if (param->paramno >= 0) {
|
||||
zval *parameter;
|
||||
|
||||
/*
|
||||
if (param->paramno >= zend_hash_num_elements(stmt->bound_params)) {
|
||||
pdo_raise_impl_error(stmt->dbh, stmt, "HY093", "parameter was not defined");
|
||||
return 0;
|
||||
}
|
||||
*/
|
||||
|
||||
if (Z_ISREF(param->parameter)) {
|
||||
parameter = Z_REFVAL(param->parameter);
|
||||
|
21
ext/pdo_pgsql/tests/bug71573.phpt
Normal file
21
ext/pdo_pgsql/tests/bug71573.phpt
Normal file
@ -0,0 +1,21 @@
|
||||
--TEST--
|
||||
Bug #71573 (Segfault (core dumped) if paramno beyond bound)
|
||||
--SKIPIF--
|
||||
<?php
|
||||
if (!extension_loaded('pdo') || !extension_loaded('pdo_pgsql')) die('skip not loaded');
|
||||
require_once dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc';
|
||||
require_once dirname(__FILE__) . '/config.inc';
|
||||
PDOTest::skip();
|
||||
?>
|
||||
--FILE--
|
||||
<?php
|
||||
require_once dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc';
|
||||
require_once dirname(__FILE__) . '/config.inc';
|
||||
$db = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt');
|
||||
|
||||
$statement = $db->prepare('select ?');
|
||||
$statement->execute([ 'test', 'test', 'test' ]);
|
||||
|
||||
?>
|
||||
--EXPECTF--
|
||||
Warning: PDOStatement::execute(): SQLSTATE[HY093]: Invalid parameter number: parameter was not defined in %sbug71573.php on line %d
|
Loading…
Reference in New Issue
Block a user