iliaa           Thu Feb 26 19:29:11 2004 EDT

  Added files:                 
    /php-src/ext/sqlite/tests   sqlite_027.phpt 

  Modified files:              
    /php-src/ext/sqlite sqlite.c 
  Log:
  Fixed possible crash inside sqlite_escape_string() and 
  sqlite_udf_encode_binary().
  
  
http://cvs.php.net/diff.php/php-src/ext/sqlite/sqlite.c?r1=1.125&r2=1.126&ty=u
Index: php-src/ext/sqlite/sqlite.c
diff -u php-src/ext/sqlite/sqlite.c:1.125 php-src/ext/sqlite/sqlite.c:1.126
--- php-src/ext/sqlite/sqlite.c:1.125   Wed Feb 25 15:16:25 2004
+++ php-src/ext/sqlite/sqlite.c Thu Feb 26 19:29:09 2004
@@ -17,7 +17,7 @@
    |          Marcus Boerger <[EMAIL PROTECTED]>                              |
    +----------------------------------------------------------------------+
 
-   $Id: sqlite.c,v 1.125 2004/02/25 20:16:25 abies Exp $ 
+   $Id: sqlite.c,v 1.126 2004/02/27 00:29:09 iliaa Exp $ 
 */
 
 #ifdef HAVE_CONFIG_H
@@ -1054,7 +1054,7 @@
 {
        php_info_print_table_start();
        php_info_print_table_header(2, "SQLite support", "enabled");
-       php_info_print_table_row(2, "PECL Module version", PHP_SQLITE_MODULE_VERSION " 
$Id: sqlite.c,v 1.125 2004/02/25 20:16:25 abies Exp $");
+       php_info_print_table_row(2, "PECL Module version", PHP_SQLITE_MODULE_VERSION " 
$Id: sqlite.c,v 1.126 2004/02/27 00:29:09 iliaa Exp $");
        php_info_print_table_row(2, "SQLite Library", sqlite_libversion());
        php_info_print_table_row(2, "SQLite Encoding", sqlite_libencoding());
        php_info_print_table_end();
@@ -2604,7 +2604,7 @@
                /* binary string */
                int enclen;
                
-               ret = emalloc( 1 + ((256 * stringlen + 1262) / 253) );
+               ret = emalloc( 1 + 5 + stringlen * (256 / 253) );
                ret[0] = '\x01';
                enclen = php_sqlite_encode_binary(string, stringlen, ret+1);
                RETVAL_STRINGL(ret, enclen+1, 0);
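Review bot: The new size expression `1 + 5 + stringlen * (256 / 253)` uses integer division, so `(256 / 253)` evaluates to 1 and the buffer is only `stringlen + 6` bytes, dropping the roughly 256/253 expansion margin that the removed formula reserved. If php_sqlite_encode_binary() can emit more bytes than it reads (its body is not visible here, but the old factor suggests it can), the write into `ret+1` can run past the allocation when the input needs escaping. The overflow this commit appears to target, `256 * stringlen` exceeding the int range, can be avoided without losing the margin, for example with `ret = emalloc( 1 + 5 + stringlen + 3 * (stringlen / 253 + 1) );`. The same expression is introduced for `datalen` in the hunk at -2834 and needs the same change; both enclosing functions start and end outside their hunks.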
@@ -2834,7 +2834,7 @@
                int enclen;
                char *ret;
                
-               ret = emalloc( 1 + ((256 * datalen + 1262) / 253) );
+               ret = emalloc( 1 + 5 + datalen * (256 / 253) );
                ret[0] = '\x01';
                enclen = php_sqlite_encode_binary(data, datalen, ret+1);
                RETVAL_STRINGL(ret, enclen+1, 0);

http://cvs.php.net/co.php/php-src/ext/sqlite/tests/sqlite_027.phpt?r=1.1&p=1
Index: php-src/ext/sqlite/tests/sqlite_027.phpt
+++ php-src/ext/sqlite/tests/sqlite_027.phpt
--TEST--
sqlite: crash inside sqlite_escape_string() & sqlite_udf_encode_binary
--SKIPIF--
<?php # vim:ft=php
if (!extension_loaded("sqlite")) print "skip"; ?>
--FILE--
<?php
        var_dump(strlen(sqlite_escape_string(str_repeat("\0", 20000000))));
        var_dump(strlen(sqlite_udf_encode_binary(str_repeat("\0", 20000000))));
?>
--EXPECT--
int(20000002)
int(20000002)
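Review bot: Both calls pass only NUL bytes, and the expected length of 20000002 for a 20000000-byte input shows that the encoder added nothing beyond a two-byte header, so the test never covers output that grows relative to the input. The new allocation in sqlite.c is sized at input length plus a constant, so this test would pass even if that buffer is too small for data that presumably needs escape bytes. Consider adding a second case with mixed byte values that checks the encoded string decodes back to the original, for example through `sqlite_udf_decode_binary()`, and running it under a memory checker.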
