sqlitedatabase_arrayquery.phpt

Pierre-Alain Joye Mon, 12 Oct 2009 15:38:06 -0700

pajoye                                   Mon, 12 Oct 2009 22:37:52 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=289598


Log:
- Merge: Fixed possible crash when calling SQLiteDatabase::{ArrayQuery, 
SingleQuery} methods using Reflection

Changed paths:
    U   php/php-src/branches/PHP_5_3_1/ext/sqlite/sqlite.c
    A   
php/php-src/branches/PHP_5_3_1/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt

Modified: php/php-src/branches/PHP_5_3_1/ext/sqlite/sqlite.c
===================================================================
--- php/php-src/branches/PHP_5_3_1/ext/sqlite/sqlite.c  2009-10-12 22:35:36 UTC 
(rev 289597)
+++ php/php-src/branches/PHP_5_3_1/ext/sqlite/sqlite.c  2009-10-12 22:37:52 UTC 
(rev 289598)
@@ -129,7 +129,7 @@
 #define RES_FROM_OBJECT(res, object) RES_FROM_OBJECT_RESTORE_ERH(res, object, 
NULL)

 #define PHP_SQLITE_EMPTY_QUERY \
-       if (!sql_len) { \
+       if (!sql_len || !*sql) { \
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot execute 
empty query."); \
                RETURN_FALSE; \
        }

Added: 
php/php-src/branches/PHP_5_3_1/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt
===================================================================
--- 
php/php-src/branches/PHP_5_3_1/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt  
                            (rev 0)
+++ 
php/php-src/branches/PHP_5_3_1/ext/sqlite/tests/sqlitedatabase_arrayquery.phpt  
    2009-10-12 22:37:52 UTC (rev 289598)
@@ -0,0 +1,23 @@
+--TEST--
+Testing SQLiteDatabase::ArrayQuery with NULL-byte string
+--SKIPIF--
+<?php
+if (!extension_loaded("sqlite")) print "skip";
+?>
+--FILE--
+<?php
+
+$method = new ReflectionMethod('sqlitedatabase::arrayquery');
+
+$class = $method->getDeclaringClass()->newInstanceArgs(array(':memory:'));
+
+$p = "\0";
+
+$method->invokeArgs($class, array_fill(0, 2, $p));
+$method->invokeArgs($class, array_fill(0, 1, $p));
+
+?>
+--EXPECTF--
+Warning: SQLiteDatabase::arrayQuery() expects parameter 2 to be long, string 
given in %s on line %d
+
+Warning: SQLiteDatabase::arrayQuery(): Cannot execute empty query. in %s on 
line %d

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] svn: /php/php-src/branches/PHP_5_3_1/ext/sqlite/ sqlite.c tests/sqlitedatabase_arrayquery.phpt

Reply via email to