Edit report at http://bugs.php.net/bug.php?id=52636&edit=1
ID: 52636
Comment by: rein at basefarm dot no
Reported by: rein at basefarm dot no
Summary: php_mysql_fetch_hash writes long value into int
Status: Open
Type: Bug
Package: MySQL related
Operating System: Solaris10 on sparc
PHP Version: 5.3.3
Block user comment: N
New Comment:
Adding a patch doesn't work, so here it is:
Index: ext/mysql/php_mysql.c
===================================================================
RCS file: ext/mysql/php_mysql.c,v
retrieving revision 1.1.1.21
retrieving revision 1.2
diff -u -u -r1.1.1.21 -r1.2
--- ext/mysql/php_mysql.c 16 Aug 2010 17:58:34 -0000 1.1.1.21
+++ ext/mysql/php_mysql.c 18 Aug 2010 14:09:13 -0000 1.2
@@ -2040,9 +2040,12 @@
} else
#endif
{
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|l",
&res,
&result_type) == FAILURE) {
+ long res_type = result_type;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r|l",
&res,
&res_type) == FAILURE) {
return;
}
+ result_type = res_type;
if (!result_type) {
/* result_type might have been set outside, so only
overwrite when
not set */
result_type = MYSQL_BOTH;
Previous Comments:
------------------------------------------------------------------------
[2010-08-18 16:35:17] rein at basefarm dot no
Description:
------------
In php_mysql_fetch_hash(), zend_parse_parameters() is passed
&result_type, an int variable, which it is instructed to write a long
value into. On a big-endian system like the sparc it writes outside the
memory location of result_type.
The mysql_fetch_array tests in:
ext/mysql/tests/002.phpt
ext/mysql/tests/mysql_fetch_array.phpt
fails on Solaris sparc systems without this patch, it always behaves as
if the one-argument version of mysql_fetch_array is called.
This bug may be causing the problem reported in bug#51601.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=52636&edit=1
