fmk             Wed Dec  8 14:02:30 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src/ext/mssql  php_mssql.c 
  Log:
  MFH: Fix possible leaks
  
http://cvs.php.net/diff.php/php-src/ext/mssql/php_mssql.c?r1=1.86.2.39&r2=1.86.2.40&ty=u
Index: php-src/ext/mssql/php_mssql.c
diff -u php-src/ext/mssql/php_mssql.c:1.86.2.39 
php-src/ext/mssql/php_mssql.c:1.86.2.40
--- php-src/ext/mssql/php_mssql.c:1.86.2.39     Mon Dec  6 14:44:33 2004
+++ php-src/ext/mssql/php_mssql.c       Wed Dec  8 14:02:29 2004
@@ -16,7 +16,7 @@
    +----------------------------------------------------------------------+
  */
 
-/* $Id: php_mssql.c,v 1.86.2.39 2004/12/06 19:44:33 iliaa Exp $ */
+/* $Id: php_mssql.c,v 1.86.2.40 2004/12/08 19:02:29 fmk Exp $ */
 
 #ifdef COMPILE_DL_MSSQL
 #define HAVE_MSSQL 1
@@ -270,14 +270,11 @@
        long compatability_mode;
 
        mssql_globals->num_persistent = 0;
+       mssql_globals->get_column_content = 
php_mssql_get_column_content_with_type;
        if (cfg_get_long("mssql.compatability_mode", &compatability_mode) == 
SUCCESS) {
                if (compatability_mode) {
                        mssql_globals->get_column_content = 
php_mssql_get_column_content_without_type;  
-               } else {
-                       mssql_globals->get_column_content = 
php_mssql_get_column_content_with_type;
                }
-       } else {
-               mssql_globals->get_column_content = 
php_mssql_get_column_content_with_type;
        }
 }
 
@@ -517,6 +514,7 @@
                                if (DBSETOPT(mssql.link, DBTEXTLIMIT, 
buffer)==FAIL) {
                                        efree(hashed_details);
                                        dbfreelogin(mssql.login);
+                                       dbclose(mssql.link);
                                        RETURN_FALSE;
                                }
                        }
@@ -536,6 +534,7 @@
                                free(mssql_ptr);
                                efree(hashed_details);
                                dbfreelogin(mssql.login);
+                               dbclose(mssql.link);
                                RETURN_FALSE;
                        }
                        MS_SQL_G(num_persistent)++;
@@ -546,22 +545,25 @@
                                log_error("PHP/MS SQL:  Hashed persistent link 
is not a MS SQL link!",php_rqst->server);
 #endif
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, 
"Hashed persistent link is not a MS SQL link!");
+                               efree(hashed_details);
                                RETURN_FALSE;
                        }
                        
                        mssql_ptr = (mssql_link *) le->ptr;
                        /* test that the link hasn't died */
                        if (DBDEAD(mssql_ptr->link) == TRUE) {
+                               dbclose(mssql_ptr->link);
 #if BROKEN_MSSQL_PCONNECTS
                                log_error("PHP/MS SQL:  Persistent link died, 
trying to reconnect...",php_rqst->server);
 #endif
-                               if 
((mssql_ptr->link=dbopen(mssql_ptr->login,host))==FAIL) {
+                               if 
((mssql_ptr->link=dbopen(mssql_ptr->login,host))==NULL) {
 #if BROKEN_MSSQL_PCONNECTS
                                        log_error("PHP/MS SQL:  Unable to 
reconnect!",php_rqst->server);
 #endif
                                        php_error_docref(NULL TSRMLS_CC, 
E_WARNING, "Link to server lost, unable to reconnect");
                                        zend_hash_del(&EG(persistent_list), 
hashed_details, hashed_details_length+1);
                                        efree(hashed_details);
+                                       dbfreelogin(mssql_ptr->login);
                                        RETURN_FALSE;
                                }
 #if BROKEN_MSSQL_PCONNECTS
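Review bot: The added `dbfreelogin(mssql_ptr->login);` in the reconnect-failure branch runs after `zend_hash_del(&EG(persistent_list), hashed_details, hashed_details_length+1)`, and `mssql_ptr` is `le->ptr`, the payload of the entry that was just deleted. If the destructor registered for persistent links already closes the link and frees the login record or the structure itself (it is not visible here, and the enclosing function starts and ends outside the hunk), the new call would dereference freed memory and release the login a second time. The next hunk (`@@ -573,6 +575,8 @@`) has the same ordering, with `dbclose(mssql_ptr->link);` added as well. Either leave this cleanup to the list destructor, or do it before `zend_hash_del` after confirming the destructor tolerates an already-released link. Separately, the `Hashed persistent link is not a MS SQL link!` path gains `efree(hashed_details);` but not the `dbfreelogin(mssql.login);` that the other early returns in this commit receive.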
@@ -573,6 +575,8 @@
 #endif
                                        zend_hash_del(&EG(persistent_list), 
hashed_details, hashed_details_length + 1);
                                        efree(hashed_details);
+                                       dbfreelogin(mssql_ptr->login);
+                                       dbclose(mssql_ptr->link);
                                        RETURN_FALSE;
                                }
                        }
@@ -591,6 +595,8 @@
                        void *ptr;
 
                        if (Z_TYPE_P(index_ptr) != le_index_ptr) {
+                               efree(hashed_details);
+                               dbfreelogin(mssql.login);
                                RETURN_FALSE;
                        }
                        link = (int) index_ptr->ptr;
@@ -600,6 +606,7 @@
                                Z_LVAL_P(return_value) = link;
                                php_mssql_set_default_link(link TSRMLS_CC);
                                Z_TYPE_P(return_value) = IS_RESOURCE;
+                               dbfreelogin(mssql.login);
                                efree(hashed_details);
                                return;
                        } else {
@@ -609,12 +616,14 @@
                if (MS_SQL_G(max_links) != -1 && MS_SQL_G(num_links) >= 
MS_SQL_G(max_links)) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Too many 
open links (%ld)", MS_SQL_G(num_links));
                        efree(hashed_details);
+                       dbfreelogin(mssql.login);
                        RETURN_FALSE;
                }
                
                if ((mssql.link=dbopen(mssql.login, host))==NULL) {
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to 
connect to server:  %s", host);
                        efree(hashed_details);
+                       dbfreelogin(mssql.login);
                        RETURN_FALSE;
                }
 
@@ -630,6 +639,7 @@
                        if (DBSETOPT(mssql.link, DBTEXTLIMIT, buffer)==FAIL) {
                                efree(hashed_details);
                                dbfreelogin(mssql.login);
+                               dbclose(mssql.link);
                                RETURN_FALSE;
                        }
                }
@@ -987,6 +997,7 @@
                                                case SQLINT2:
                                                case SQLINT4:
                                                        
convert_to_long_ex(&bind->zval);
+                                                       /* FIXME this works 
only on little endian machine !!! */
                                                        Z_LVAL_P(bind->zval) = 
*((int *)(dbretdata(mssql_ptr->link,i)));
                                                        break;
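Review bot: The new FIXME understates the problem in the `SQLINT2`/`SQLINT4` branch: `*((int *)(dbretdata(mssql_ptr->link,i)))` always reads `sizeof(int)` bytes, so for a column narrower than that it reads past the returned value on any byte order, and the cast also assumes the data pointer is aligned for `int`. Copying the value into a variable of the column's own width and widening from there removes both the over-read and the byte-order dependence. The case labels above `SQLINT2` are outside the hunk, so a one-byte type sharing this branch would need the same treatment.

```c
/* … unchanged: earlier case labels of this switch … */
case SQLINT2: {
	DBSMALLINT v;

	convert_to_long_ex(&bind->zval);
	memcpy(&v, dbretdata(mssql_ptr->link, i), sizeof(v));
	Z_LVAL_P(bind->zval) = v;
	break;
}
case SQLINT4: {
	DBINT v;

	convert_to_long_ex(&bind->zval);
	memcpy(&v, dbretdata(mssql_ptr->link, i), sizeof(v));
	Z_LVAL_P(bind->zval) = v;
	break;
}
```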
                        
@@ -1007,6 +1018,7 @@
                                                        Z_STRLEN_P(bind->zval) 
= dbretlen(mssql_ptr->link,i);
                                                        Z_STRVAL_P(bind->zval) 
= estrndup(dbretdata(mssql_ptr->link,i),Z_STRLEN_P(bind->zval));
                                                        break;
+                                               /* TODO binary */
                                        }
                                }
                                else {
@@ -1194,6 +1206,9 @@
        while ((num_fields = dbnumcols(mssql_ptr->link)) <= 0 && retvalue == 
SUCCEED) {
                retvalue = dbresults(mssql_ptr->link);
        }
+       if (retvalue != SUCCEED) {
+               RETURN_FALSE;
+       }
        if ((num_fields = dbnumcols(mssql_ptr->link)) <= 0) {
                RETURN_TRUE;
        }
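Review bot: The added `if (retvalue != SUCCEED)` check returns FALSE for every non-SUCCEED value, but the loop above it also ends normally when `dbresults()` reports that there are no further result sets, which in DB-Library is `NO_MORE_RESULTS` rather than `SUCCEED`. A statement that produces no columns would then yield FALSE instead of reaching the `RETURN_TRUE` just below. Testing for the failure value only, `if (retvalue == FAIL) {`, keeps the new error path without changing the outcome for such statements. How `retvalue` is set before the loop is outside the hunk, so confirm against the full function.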
@@ -1214,12 +1229,8 @@
        result->mssql_ptr = mssql_ptr;
        result->cur_field=result->cur_row=result->num_rows=0;
 
-       if (num_fields > 0) {
-               result->fields = (mssql_field *) 
emalloc(sizeof(mssql_field)*result->num_fields);
-               result->num_rows = _mssql_fetch_batch(mssql_ptr, result, 
retvalue TSRMLS_CC);
-       }
-       else
-               result->fields = NULL;
+       result->fields = (mssql_field *) 
emalloc(sizeof(mssql_field)*result->num_fields);
+       result->num_rows = _mssql_fetch_batch(mssql_ptr, result, retvalue 
TSRMLS_CC);
        
        ZEND_REGISTER_RESOURCE(return_value, result, le_result);
 }
@@ -2243,7 +2254,7 @@
                        break;
        }
 
-       dbconvert(NULL, SQLBINARY, (BYTE*)Z_STRVAL_PP(binary), 16, SQLCHAR, 
buffer, -1);
+       dbconvert(NULL, SQLBINARY, (BYTE*)Z_STRVAL_PP(binary), min(16, 
Z_STRLEN_PP(binary)), SQLCHAR, buffer, -1);
 
        if (sf) {
                php_strtoupper(buffer, 32);
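Review bot: Clamping the source length with `min(16, Z_STRLEN_PP(binary))` stops the over-read of the input, but for an input shorter than 16 bytes `dbconvert` then produces fewer than 32 characters, while `php_strtoupper(buffer, 32)` here and the index shuffle in the `else` branch of the following hunk still consume the full 32. Unless `buffer` is zero-filled beforehand (its declaration is outside the hunk), those reads touch uninitialised stack bytes that can end up in the returned string. Rejecting a wrong-sized value before converting is simpler, e.g. `if (Z_STRLEN_PP(binary) < 16) { RETURN_FALSE; }`, and the return value of `dbconvert` should be checked as well.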
@@ -2251,6 +2262,7 @@
        }
        else {
                int i;
+               /* FIXME this works only on little endian machine */
                for (i=0; i<4; i++) {
                        buffer2[2*i] = buffer[6-2*i];
                        buffer2[2*i+1] = buffer[7-2*i];
