diff options
| author | Ondřej Surý <ondrej@sury.org> | 2011-02-16 10:13:02 +0100 |
|---|---|---|
| committer | Ondřej Surý <ondrej@sury.org> | 2011-02-16 10:13:02 +0100 |
| commit | fd5a0b31640419ca63d1ddeaffd6d3cf2a741814 (patch) | |
| tree | bfd17d84c5181d7b98d7d66f56573f4fc897e31c /ext/odbc/php_odbc.c | |
| parent | 01fcdff3849c3691d9aaeaab735846ab6d8895ca (diff) | |
| download | php-upstream/5.3.5.tar.gz | |
Imported Upstream version 5.3.5upstream/5.3.5
Diffstat (limited to 'ext/odbc/php_odbc.c')
| -rw-r--r-- | ext/odbc/php_odbc.c | 52 |
1 files changed, 48 insertions, 4 deletions
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c index 921454094..756c3b35e 100644 --- a/ext/odbc/php_odbc.c +++ b/ext/odbc/php_odbc.c @@ -20,7 +20,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_odbc.c 296467 2010-03-20 18:19:16Z felipe $ */ +/* $Id: php_odbc.c 305507 2010-11-18 15:22:22Z pajoye $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -1262,11 +1262,19 @@ PHP_FUNCTION(odbc_execute) zend_hash_internal_pointer_reset(Z_ARRVAL_P(pv_param_arr)); params = (params_t *)safe_emalloc(sizeof(params_t), result->numparams, 0); + for(i = 0; i < result->numparams; i++) { + params[i].fp = -1; + } for(i = 1; i <= result->numparams; i++) { if (zend_hash_get_current_data(Z_ARRVAL_P(pv_param_arr), (void **) &tmp) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Error getting parameter"); SQLFreeStmt(result->stmt,SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } @@ -1276,13 +1284,29 @@ PHP_FUNCTION(odbc_execute) if (Z_TYPE_PP(tmp) != IS_STRING) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Error converting parameter"); SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } - SQLDescribeParam(result->stmt, (SQLUSMALLINT)i, &sqltype, &precision, &scale, &nullable); + rc = SQLDescribeParam(result->stmt, (SQLUSMALLINT)i, &sqltype, &precision, &scale, &nullable); params[i-1].vallen = Z_STRLEN_PP(tmp); params[i-1].fp = -1; + if (rc == SQL_ERROR) { + odbc_sql_error(result->conn_ptr, result->stmt, "SQLDescribeParameter"); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } + efree(params); + RETURN_FALSE; + } if (IS_SQL_BINARY(sqltype)) { ctype = SQL_C_BINARY; @@ -1293,8 +1317,11 @@ PHP_FUNCTION(odbc_execute) if (Z_STRLEN_PP(tmp) > 2 && Z_STRVAL_PP(tmp)[0] == '\'' && Z_STRVAL_PP(tmp)[Z_STRLEN_PP(tmp) - 1] == '\'') { + if (strlen(tmp) != Z_STRLEN_PP(tmp)) { + RETURN_FALSE; + } + filename = estrndup(&Z_STRVAL_PP(tmp)[1], Z_STRLEN_PP(tmp) - 2); - filename[strlen(filename)] = '\0'; /* Check for safe mode. */ if (PG(safe_mode) && (!php_checkuid(filename, NULL, CHECKUID_CHECK_FILE_AND_DIR))) { @@ -1306,6 +1333,12 @@ PHP_FUNCTION(odbc_execute) /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { efree(filename); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } @@ -1313,7 +1346,7 @@ PHP_FUNCTION(odbc_execute) if ((params[i-1].fp = open(filename,O_RDONLY)) == -1) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Can't open file %s", filename); SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); - for(i = 0; i < result->numparams; i++) { + for (i = 0; i < result->numparams; i++) { if (params[i].fp != -1) { close(params[i].fp); } @@ -1344,6 +1377,17 @@ PHP_FUNCTION(odbc_execute) Z_STRVAL_PP(tmp), 0, ¶ms[i-1].vallen); } + if (rc == SQL_ERROR) { + odbc_sql_error(result->conn_ptr, result->stmt, "SQLBindParameter"); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } + efree(params); + RETURN_FALSE; + } zend_hash_move_forward(Z_ARRVAL_P(pv_param_arr)); } } |