iliaa           Thu Feb 21 13:37:52 2008 UTC

  Modified files:              (Branch: PHP_5_2)
    /php-src/ext/pdo    pdo_dbh.c 
    /php-src    NEWS 
  Log:
  
  MFB: Fixed bug #44189 (PDO setAttribute() does not properly validate values
  for native numeric options)
  
http://cvs.php.net/viewvc.cgi/php-src/ext/pdo/pdo_dbh.c?r1=1.82.2.31.2.20&r2=1.82.2.31.2.21&diff_format=u
Index: php-src/ext/pdo/pdo_dbh.c
diff -u php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.20 
php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.21
--- php-src/ext/pdo/pdo_dbh.c:1.82.2.31.2.20    Tue Feb 19 12:09:47 2008
+++ php-src/ext/pdo/pdo_dbh.c   Thu Feb 21 13:37:51 2008
@@ -18,7 +18,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: pdo_dbh.c,v 1.82.2.31.2.20 2008/02/19 12:09:47 felipe Exp $ */
+/* $Id: pdo_dbh.c,v 1.82.2.31.2.21 2008/02/21 13:37:51 iliaa Exp $ */
 
 /* The PDO Database Handle Class */
 
@@ -669,8 +669,17 @@
 
 static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value 
TSRMLS_DC) /* {{{ */
 {
+
+#define PDO_LONG_PARAM_CHECK \
+       if (Z_TYPE_P(value) != IS_LONG && Z_TYPE_P(value) != IS_STRING && 
Z_TYPE_P(value) != IS_BOOL) { \
+               pdo_raise_impl_error(dbh, NULL, "HY000", "attribute value must 
be an integer" TSRMLS_CC); \
+               PDO_HANDLE_DBH_ERR(); \
+               return FAILURE; \
+       } \
+
        switch (attr) {
                case PDO_ATTR_ERRMODE:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        switch (Z_LVAL_P(value)) {
                                case PDO_ERRMODE_SILENT:
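Review bot: PDO_LONG_PARAM_CHECK accepts any IS_STRING, so a non-numeric string still reaches `convert_to_long(value)` and is coerced (to 0, as far as I know) instead of raising the HY000 error. For PDO_ATTR_ERRMODE that would land on `case PDO_ERRMODE_SILENT:` if that constant is 0, quietly turning error reporting off. The same applies at the PDO_ATTR_CASE, PDO_ATTR_ORACLE_NULLS and PDO_ATTR_STRINGIFY_FETCHES call sites in the later hunks. For strings the macro should accept only a wholly numeric integer, for example by requiring `is_numeric_string()` to report `IS_LONG`, and the message "attribute value must be an integer" would then match what is actually accepted. As a style point, the macro hides a `return`, is not wrapped in `do { ... } while (0)`, ends on a continuation backslash before a blank line, and has no `#undef` in the visible lines; the function body continues outside this hunk.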
@@ -686,6 +695,7 @@
                        return FAILURE;
 
                case PDO_ATTR_CASE:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        switch (Z_LVAL_P(value)) {
                                case PDO_CASE_NATURAL:
@@ -701,6 +711,7 @@
                        return FAILURE;
 
                case PDO_ATTR_ORACLE_NULLS:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        dbh->oracle_nulls = Z_LVAL_P(value);
                        return SUCCESS;
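Review bot: After the type check, `dbh->oracle_nulls = Z_LVAL_P(value);` still stores whatever integer was supplied. The PDO_ATTR_ERRMODE and PDO_ATTR_CASE cases, by contrast, switch over the accepted constants and appear to fall through to `return FAILURE;` for anything else. Since the commit is about validating numeric option values, this case should also reject values outside the known set, e.g. a `switch` over `PDO_NULL_NATURAL`, `PDO_NULL_EMPTY_STRING` and `PDO_NULL_TO_STRING` whose default raises the same HY000 error. How an out-of-range value is consumed later is not visible in this hunk, so the practical impact should be confirmed against the fetch path.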
@@ -714,6 +725,8 @@
                                                return FAILURE;
                                        }
                                }
+                       } else {
+                               PDO_LONG_PARAM_CHECK;
                        }
                        convert_to_long(value);
                        if (Z_LVAL_P(value) == PDO_FETCH_USE_DEFAULT) {
@@ -724,6 +737,7 @@
                        return SUCCESS;
 
                case PDO_ATTR_STRINGIFY_FETCHES:
+                       PDO_LONG_PARAM_CHECK;
                        convert_to_long(value);
                        dbh->stringify = Z_LVAL_P(value) ? 1 : 0;
                        return SUCCESS;
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1089&r2=1.2027.2.547.2.1090&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.1089 php-src/NEWS:1.2027.2.547.2.1090
--- php-src/NEWS:1.2027.2.547.2.1089    Thu Feb 21 13:32:03 2008
+++ php-src/NEWS        Thu Feb 21 13:37:52 2008
@@ -13,6 +13,8 @@
 
 - Fixed bug #44197 (socket array keys lost on socket_select). (Felipe)
 - Fixed bug #44191 (preg_grep messes up array index). (Felipe)
+- Fixed bug #44189 (PDO setAttribute() does not properly validate values for 
+  native numeric options). (Ilia)
 - Fixed bug #44184 (Double free of loop-variable on exception). (Dmitry)
 - Fixed bug #44171 (Invalid FETCH_COLUMN index does not raise an error). (Ilia)
 - Fixed bug #44159 (Crash: $pdo->setAttribute(PDO::STATEMENT_ATTR_CLASS, 
NULL)).
