Commit:    1643d4ed568890d1b18a87304a39791ebb4790be
Author:    Andrey Hristov <and...@php.net>         Fri, 22 Feb 2013 13:17:46 
+0100
Parents:   b479c2bffb91ee8a6c2e676920e895da08b68a4b
Branches:  PHP-5.5 master

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=1643d4ed568890d1b18a87304a39791ebb4790be

Log:
Add some parameter checks

Changed paths:
  M  ext/mysqli/mysqli_nonapi.c


Diff:
diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c
index c3a56fc..e743449 100644
--- a/ext/mysqli/mysqli_nonapi.c
+++ b/ext/mysqli/mysqli_nonapi.c
@@ -1100,13 +1100,25 @@ PHP_FUNCTION(mysqli_begin_transaction)
        zval            *mysql_link;
        long            flags = TRANS_START_NO_OPT;
        char *          name = NULL;
-       int                     name_len = 0;
+       int                     name_len = -1;
+       zend_bool       err = FALSE;
 
        if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), 
"O|ls", &mysql_link, mysqli_link_class_entry, &flags, &name, &name_len) == 
FAILURE) {
                return;
        }
        MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
-
+       if (flags < 0) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid value for 
parameter flags (%ld)", flags);
+               err = TRUE;
+       }
+       if (!name || !name_len) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name 
cannot be empty");
+               err = TRUE;
+       }
+       if (TRUE == err) {
+               RETURN_FALSE;                   
+       }
+       
 #if !defined(MYSQLI_USE_MYSQLND)
        if (mysqli_begin_transaction_libmysql(mysql->mysql, flags, name)) {
                RETURN_FALSE;
@@ -1143,12 +1155,16 @@ PHP_FUNCTION(mysqli_savepoint)
        MY_MYSQL        *mysql;
        zval            *mysql_link;
        char *          name = NULL;
-       int                     name_len = 0;
+       int                     name_len = -1;
 
        if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), 
"Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) {
                return;
        }
        MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
+       if (!name || !name_len) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name 
cannot be empty");
+               RETURN_FALSE;   
+       }
 
 #if !defined(MYSQLI_USE_MYSQLND)
        if (mysqli_savepoint_libmysql(mysql->mysql, name, FALSE)) {
@@ -1169,14 +1185,15 @@ PHP_FUNCTION(mysqli_release_savepoint)
        MY_MYSQL        *mysql;
        zval            *mysql_link;
        char *          name = NULL;
-       int                     name_len = 0;
+       int                     name_len = -1;
 
        if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), 
"Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) {
                return;
        }
        MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
        if (!name || !name_len) {
-               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name not 
provided");     
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name 
cannot be empty");  
+               RETURN_FALSE;
        }
 #if !defined(MYSQLI_USE_MYSQLND)
        if (mysqli_savepoint_libmysql(mysql->mysql, name, TRUE)) {


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to