From: tony2001 at phpclub dot net
Operating system: Linux
PHP version: 5CVS-2005-02-17 (dev)
PHP Bug Type: MSSQL related
Bug description: mssql_bind() causes buffer overruns & memleaks
Description:
------------
mssql_bind() causes some buffer overruns & memleaks if you try to bind the
same parameter *several times*.
Reproduce code:
---------------
<?php
$c = mssql_connect($host, $user, $passwd);
mssql_select_db($dbase);
$r = mssql_init('nonex_stored_proc'); // that doesn't mean
mssql_bind($r, "param", $param, SQLTEXT, 0, 0, 10);
mssql_bind($r, "param", $param, SQLTEXT, 0, 0, 10);
echo "Done\n";
?>
Expected result:
----------------
Done
Actual result:
--------------
[Thu Feb 17 16:18:27 2005] Script: '/www/index.php'
---------------------------------------
/home/dev/php-src/Zend/zend_execute.h(127) : Block 0x082C2FF0 status:
/home/dev/php-src/Zend/zend_execute.h(64) : Actual location (location was
relayed)
Beginning: OK (allocated on
/home/dev/php-src/Zend/zend_vm_execute.h:157, 16 bytes)
End: Overflown (magic=0x082C3764 instead of 0x2A8FCC84)
At least 4 bytes overflown
---------------------------------------
Done
/home/dev/php-src/Zend/zend_vm_execute.h(157) : Freeing 0x082BF87C (16
bytes), script=/www/qa/tests/ext/mssql/030.php
Last leak repeated 1 time
/home/dev/php-src/Zend/zend_vm_execute.h(17922) : Freeing 0x082C3764 (16
bytes), script=/www/qa/tests/ext/mssql/030.php
=== Total 3 memory leaks detected ===
--
Edit bug report at http://bugs.php.net/?id=32009&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=32009&r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=32009&r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=32009&r=trysnapshot51
Fixed in CVS: http://bugs.php.net/fix.php?id=32009&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=32009&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=32009&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=32009&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=32009&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=32009&r=support
Expected behavior: http://bugs.php.net/fix.php?id=32009&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=32009&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=32009&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=32009&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=32009&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=32009&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=32009&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=32009&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=32009&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=32009&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=32009&r=mysqlcfg
