Commit: 1643d4ed568890d1b18a87304a39791ebb4790be Author: Andrey Hristov <and...@php.net> Fri, 22 Feb 2013 13:17:46 +0100 Parents: b479c2bffb91ee8a6c2e676920e895da08b68a4b Branches: PHP-5.5 master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=1643d4ed568890d1b18a87304a39791ebb4790be Log: Add some parameter checks Changed paths: M ext/mysqli/mysqli_nonapi.c Diff: diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c index c3a56fc..e743449 100644 --- a/ext/mysqli/mysqli_nonapi.c +++ b/ext/mysqli/mysqli_nonapi.c @@ -1100,13 +1100,25 @@ PHP_FUNCTION(mysqli_begin_transaction) zval *mysql_link; long flags = TRANS_START_NO_OPT; char * name = NULL; - int name_len = 0; + int name_len = -1; + zend_bool err = FALSE; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "O|ls", &mysql_link, mysqli_link_class_entry, &flags, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); - + if (flags < 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid value for parameter flags (%ld)", flags); + err = TRUE; + } + if (!name || !name_len) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + err = TRUE; + } + if (TRUE == err) { + RETURN_FALSE; + } + #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_begin_transaction_libmysql(mysql->mysql, flags, name)) { RETURN_FALSE; @@ -1143,12 +1155,16 @@ PHP_FUNCTION(mysqli_savepoint) MY_MYSQL *mysql; zval *mysql_link; char * name = NULL; - int name_len = 0; + int name_len = -1; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); + if (!name || !name_len) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + RETURN_FALSE; + } #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_savepoint_libmysql(mysql->mysql, name, FALSE)) { @@ -1169,14 +1185,15 @@ PHP_FUNCTION(mysqli_release_savepoint) MY_MYSQL *mysql; zval *mysql_link; char * name = NULL; - int name_len = 0; + int name_len = -1; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); if (!name || !name_len) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name not provided"); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + RETURN_FALSE; } #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_savepoint_libmysql(mysql->mysql, name, TRUE)) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php