Bug #61259 [Asn->Csd]: "Segment Fault" executing a prepared statement with PDO-Mysql

[uabitesoj at gmail dot com]

Edit report at https://bugs.php.net/bug.php?id=61259&edit=1

 ID:                 61259
 User updated by:    uabitesoj at gmail dot com
 Reported by:        uabitesoj at gmail dot com
 Summary:            "Segment Fault" executing a prepared statement with
                     PDO-Mysql
-Status:             Assigned
+Status:             Closed
 Type:               Bug
 Package:            PDO related
 Operating System:   Linux 2.6.18 Centos 5.7
 PHP Version:        5.3.10
 Assigned To:        mysql
 Block user comment: N
 Private report:     N

 New Comment:

Nobody answer! php-5.4.0 has the same problem.


Previous Comments:
------------------------------------------------------------------------
[2012-03-27 00:41:30] uabitesoj at gmail dot com

The schema of the table "user" is

CREATE TABLE IF NOT EXISTS `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `nombre` varchar(254) NOT NULL,
  `login` varchar(254) NOT NULL,
  `passwd` varchar(254) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1;

But the problem is in "mysqlnd_cset_escape_slashes" function.
I don't have much experience with C language but it is extrange that "cset" has 
a 0 value and afterwards is used as an struct pointer: "cset->char_maxlen" and 
"cset->mb_valid(escapestr, end)".

------------------------------------------------------------------------
[2012-03-20 11:56:39] m...@php.net

Can you please provide us with the exact schema definition of the MySQL table 
"user" that you referring to?

------------------------------------------------------------------------
[2012-03-07 00:38:51] uabitesoj at gmail dot com

Thank you for your reply.

I recompiled my php with the suggested options for --with_mysqli and 
--with_pdo_mysql, and also I tried using the last snapshot. In all cases again 
I get a "Segment Fault" error.

The backtrace points to some problem in "mysqlnd_cset_escape_slashes" function.

------------------------------------------------------------------------
[2012-03-05 00:29:24] johan...@php.net

Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

Your configure line is confusing.

--with-mysqli=mysqlnd \
--with-pdo-mysql \
--with-mysql-sock=/var/lib/mysql/mysqld.sock \

myslqi is using myslqnd whereas pdo_mysql is using libmysql from it's default 
location. Is that really your configuration? It is suggested to use mysqlnd for 
both.

--with-mysqli=mysqlnd \
--with-pdo-mysql=myslqnd

your backtrace indicates a conflict there (as it is referring to mysqlnd which 
shouldn't be used by PDO with the given configuration)

I couldn't reproduce with a pure myslqnd build. Please verify your 
configuration.

------------------------------------------------------------------------
[2012-03-03 03:58:24] uabitesoj at gmail dot com

Description:
------------
Now I'm using php-5.3.10.

Executing a prepared sql statemente with pdo-mysql produces a "Segmento Fault" 
error.

The configure line used to compile php is:
./configure \
--prefix=/usr/lib/php-5.3.10 \
--exec-prefix=/usr/lib/php-5.3.10 \
--with-apxs2=/usr/local/apache2/bin/apxs \
--with-config-file-path=/etc \
--enable-zip \
--enable-debug \
--with-curl=/usr/local \
--with-readline \
--enable-mbstring \
--with-mysqli=mysqlnd \
--with-pdo-mysql \
--with-mysql-sock=/var/lib/mysql/mysqld.sock \
--with-openssl \
--with-zlib \
--with-gd


Test script:
---------------
<?php
$dbh = new PDO('mysql:host=localhost;dbname=acceso', 'dbuser', 'dbpass');
$sql = 'INSERT INTO user (id, nombre, login, passwd) VALUES (?, ?, ?, ?)';
$stm = $dbh->prepare($sql);
$stm->bindValue(1, 0);
$stm->bindValue(2, 'Name, Last Name, etc. etc.');
$stm->bindValue(3, 'log_name');
$stm->bindValue(4, SHA1('log_name', FALSE));
$stm->execute();
echo 'New user record saved in DB';
?>

Expected result:
----------------
Echoed 'New user record saved in DB' and a new record in "user" table.

Actual result:
--------------
GNU gdb (GDB) Red Hat Enterprise Linux (7.0.1-37.el5_7.1)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/php...done.
(gdb) run ExecutePrepared.php
Starting program: /usr/bin/php ExecutePrepared.php
warning: .dynamic section for "/lib/libc.so.6" is not at the expected address
warning: difference appears to be caused by prelink, adjusting expectations
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x08325563 in mysqlnd_cset_escape_slashes (cset=0x0, newstr=0x89db217 "p", 
escapestr=0x89dca6c "Name, Last name, etc., etc.",
    escapestr_len=27) at 
/d/software/Php/php-5.3.10/ext/mysqlnd/mysqlnd_charset.c:718
718                     if (cset->char_maxlen > 1 && (len = 
cset->mb_valid(escapestr, end))) {
(gdb) bt
#0  0x08325563 in mysqlnd_cset_escape_slashes (cset=0x0, newstr=0x89db217 "p", 
escapestr=0x89dca6c "Name, Last name, etc., etc.",
    escapestr_len=27) at 
/d/software/Php/php-5.3.10/ext/mysqlnd/mysqlnd_charset.c:718
#1  0x081f6a55 in mysql_handle_quoter (dbh=0x89dc118, unquoted=0x89dca6c "Name, 
Last name, etc., etc.", unquotedlen=27,
    quoted=0x89de1a0, quotedlen=0x89de19c, paramtype=PDO_PARAM_STR) at 
/d/software/Php/php-5.3.10/ext/pdo_mysql/mysql_driver.c:337
#2  0x081f5f89 in pdo_parse_params (stmt=0x89ddbec,
    inquery=0x89ddd0c "INSERT INTO user (id, nombre, login, passwd) VALUES (?, 
?, ?, ?)", inquery_len=64, outquery=0x89ddc38,
    outquery_len=0x89ddc3c) at 
/d/software/Php/php-5.3.10/ext/pdo/pdo_sql_parser.c:585
#3  0x081f2d59 in zim_PDOStatement_execute (ht=0, return_value=0x89ddeec, 
return_value_ptr=0x0, this_ptr=0x89dc1ec,
    return_value_used=0) at /d/software/Php/php-5.3.10/ext/pdo/pdo_stmt.c:497
#4  0x083b2619 in zend_do_fcall_common_helper_SPEC (execute_data=0x8a0dcc8)
    at /d/software/Php/php-5.3.10/Zend/zend_vm_execute.h:320
#5  0x083b1ca8 in execute (op_array=0x89db224) at 
/d/software/Php/php-5.3.10/Zend/zend_vm_execute.h:107
#6  0x0838ced7 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at 
/d/software/Php/php-5.3.10/Zend/zend.c:1236
#7  0x0833b5de in php_execute_script (primary_file=0xbfffe5ac) at 
/d/software/Php/php-5.3.10/main/main.c:2308
#8  0x0840f37b in main (argc=2, argv=0xbfffe714) at 
/d/software/Php/php-5.3.10/sapi/cli/php_cli.c:1184




------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=61259&edit=1