diff options
| author | Sean Finney <seanius@debian.org> | 2009-04-10 14:09:48 +0200 |
|---|---|---|
| committer | Sean Finney <seanius@debian.org> | 2009-04-10 14:09:48 +0200 |
| commit | cd0b49c72aee33b3e44a9c589fcd93b9e1c7a64f (patch) | |
| tree | 1315c623bb7d9dfa8d366fa9cd2c6834ceeb5da5 /ext/pdo_mysql | |
| parent | 9ea47aab740772adf0c69d8c94b208a464e599ea (diff) | |
| download | php-cd0b49c72aee33b3e44a9c589fcd93b9e1c7a64f.tar.gz | |
Imported Upstream version 5.2.9.dfsg.1upstream/5.2.9.dfsg.1
Diffstat (limited to 'ext/pdo_mysql')
| -rwxr-xr-x | ext/pdo_mysql/mysql_driver.c | 8 | ||||
| -rwxr-xr-x | ext/pdo_mysql/mysql_statement.c | 4 | ||||
| -rwxr-xr-x | ext/pdo_mysql/pdo_mysql.c | 4 | ||||
| -rwxr-xr-x | ext/pdo_mysql/php_pdo_mysql.h | 4 | ||||
| -rwxr-xr-x | ext/pdo_mysql/php_pdo_mysql_int.h | 4 | ||||
| -rw-r--r-- | ext/pdo_mysql/tests/bug41125.phpt | 162 | ||||
| -rw-r--r-- | ext/pdo_mysql/tests/bug44327.phpt | 64 | ||||
| -rw-r--r-- | ext/pdo_mysql/tests/bug46292.phpt | 80 |
8 files changed, 318 insertions, 12 deletions
diff --git a/ext/pdo_mysql/mysql_driver.c b/ext/pdo_mysql/mysql_driver.c index 3073c4bf4..c69bd8623 100755 --- a/ext/pdo_mysql/mysql_driver.c +++ b/ext/pdo_mysql/mysql_driver.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2008 The PHP Group | + | Copyright (c) 1997-2009 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: mysql_driver.c,v 1.59.2.13.2.6 2007/12/31 07:20:09 sebastian Exp $ */ +/* $Id: mysql_driver.c,v 1.59.2.13.2.8 2008/12/31 11:17:42 sebastian Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -496,12 +496,12 @@ static int pdo_mysql_handle_factory(pdo_dbh_t *dbh, zval *driver_options TSRMLS_ if ((PG(open_basedir) && PG(open_basedir)[0] != '\0') || PG(safe_mode)) { local_infile = 0; } - +#ifdef MYSQL_OPT_LOCAL_INFILE if (mysql_options(H->server, MYSQL_OPT_LOCAL_INFILE, (const char *)&local_infile)) { pdo_mysql_error(dbh); goto cleanup; } - +#endif #ifdef MYSQL_OPT_RECONNECT /* since 5.0.3, the default for this option is 0 if not specified. * we want the old behaviour */ diff --git a/ext/pdo_mysql/mysql_statement.c b/ext/pdo_mysql/mysql_statement.c index 0a1a66e87..92095211c 100755 --- a/ext/pdo_mysql/mysql_statement.c +++ b/ext/pdo_mysql/mysql_statement.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2008 The PHP Group | + | Copyright (c) 1997-2009 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: mysql_statement.c,v 1.48.2.14.2.7 2007/12/31 07:20:09 sebastian Exp $ */ +/* $Id: mysql_statement.c,v 1.48.2.14.2.8 2008/12/31 11:17:42 sebastian Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" diff --git a/ext/pdo_mysql/pdo_mysql.c b/ext/pdo_mysql/pdo_mysql.c index 315770b12..8218de6fb 100755 --- a/ext/pdo_mysql/pdo_mysql.c +++ b/ext/pdo_mysql/pdo_mysql.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2008 The PHP Group | + | Copyright (c) 1997-2009 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: pdo_mysql.c,v 1.8.2.13.2.2 2007/12/31 07:20:09 sebastian Exp $ */ +/* $Id: pdo_mysql.c,v 1.8.2.13.2.3 2008/12/31 11:17:42 sebastian Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" diff --git a/ext/pdo_mysql/php_pdo_mysql.h b/ext/pdo_mysql/php_pdo_mysql.h index 3a5ee2b8f..cd0b2974e 100755 --- a/ext/pdo_mysql/php_pdo_mysql.h +++ b/ext/pdo_mysql/php_pdo_mysql.h @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2008 The PHP Group | + | Copyright (c) 1997-2009 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_pdo_mysql.h,v 1.3.2.1.2.2 2007/12/31 07:20:09 sebastian Exp $ */ +/* $Id: php_pdo_mysql.h,v 1.3.2.1.2.3 2008/12/31 11:17:42 sebastian Exp $ */ #ifndef PHP_PDO_MYSQL_H #define PHP_PDO_MYSQL_H diff --git a/ext/pdo_mysql/php_pdo_mysql_int.h b/ext/pdo_mysql/php_pdo_mysql_int.h index c6e60bd35..95f899375 100755 --- a/ext/pdo_mysql/php_pdo_mysql_int.h +++ b/ext/pdo_mysql/php_pdo_mysql_int.h @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2008 The PHP Group | + | Copyright (c) 1997-2009 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_pdo_mysql_int.h,v 1.16.2.4.2.2 2007/12/31 07:20:09 sebastian Exp $ */ +/* $Id: php_pdo_mysql_int.h,v 1.16.2.4.2.3 2008/12/31 11:17:42 sebastian Exp $ */ #ifndef PHP_PDO_MYSQL_INT_H #define PHP_PDO_MYSQL_INT_H diff --git a/ext/pdo_mysql/tests/bug41125.phpt b/ext/pdo_mysql/tests/bug41125.phpt new file mode 100644 index 000000000..29a98164d --- /dev/null +++ b/ext/pdo_mysql/tests/bug41125.phpt @@ -0,0 +1,162 @@ +--TEST-- +Bug #41125 (PDO mysql + quote() + prepare() can result in seg fault) +--SKIPIF-- +<?php +require dirname(__FILE__) . '/config.inc'; +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +MySQLPDOTest::skip(); + +?> +--FILE-- +<?php + +require dirname(__FILE__) . '/config.inc'; +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +$db = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt'); + +$search = "o'"; +$sql = "SELECT 1 FROM DUAL WHERE 'o''riley' LIKE " . $db->quote('%' . $search . '%'); +$stmt = $db->prepare($sql); +$stmt->execute(); +print implode(' - ', (($r = @$stmt->fetch(PDO::FETCH_NUM)) ? $r : array())) ."\n"; +print implode(' - ', $stmt->errorinfo()) ."\n"; + +print "-------------------------------------------------------\n"; + +$queries = array( + "SELECT 1 FROM DUAL WHERE 1 = '?\'\''", + "SELECT 'a\\'0' FROM DUAL WHERE 1 = ?", + "SELECT 'a', 'b\'' FROM DUAL WHERE '''' LIKE '\\'' AND ?", + "SELECT 'foo?bar', '', '''' FROM DUAL WHERE ?" +); + +foreach ($queries as $k => $query) { + $stmt = $db->prepare($query); + $stmt->execute(array(1)); + printf("[%d] Query: [[%s]]\n", $k + 1, $query); + print implode(' - ', (($r = @$stmt->fetch(PDO::FETCH_NUM)) ? $r : array())) ."\n"; + print implode(' - ', $stmt->errorinfo()) ."\n"; + print "--------\n"; +} + +$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 1); +$sql = "SELECT upper(:id) FROM DUAL WHERE '1'"; +$stmt = $db->prepare($sql); + +$id = 'o\'\0'; +$stmt->bindParam(':id', $id); +$stmt->execute(); +printf("Query: [[%s]]\n", $sql); +print implode(' - ', (($r = @$stmt->fetch(PDO::FETCH_NUM)) ? $r : array())) ."\n"; +print implode(' - ', $stmt->errorinfo()) ."\n"; + +print "-------------------------------------------------------\n"; + +$queries = array( + "SELECT 1, 'foo' FROM DUAL WHERE 1 = :id AND '\\0' IS NULL AND 2 <> :id", + "SELECT 1 FROM DUAL WHERE 1 = :id AND '' AND 2 <> :id", + "SELECT 1 FROM DUAL WHERE 1 = :id AND '\'\'' = '''' AND 2 <> :id", + "SELECT 1 FROM DUAL WHERE 1 = :id AND '\'' = '''' AND 2 <> :id", + "SELECT 'a', 'b\'' FROM DUAL WHERE '''' LIKE '\\'' AND 1", + "SELECT 'a''', '\'b\'' FROM DUAL WHERE '''' LIKE '\\'' AND 1", + "SELECT UPPER(:id) FROM DUAL WHERE '1'", + "SELECT 1 FROM DUAL WHERE '\''", + "SELECT 1 FROM DUAL WHERE :id AND '\\0' OR :id", + "SELECT 1 FROM DUAL WHERE 'a\\f\\n\\0' AND 1 >= :id", + "SELECT 1 FROM DUAL WHERE '\'' = ''''", + "SELECT '\\n' '1 FROM DUAL WHERE '''' and :id'", + "SELECT 1 'FROM DUAL WHERE :id AND '''' = '''' OR 1 = 1 AND ':id", +); + +$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 1); +$id = 1; + +foreach ($queries as $k => $query) { + $stmt = $db->prepare($query); + $stmt->bindParam(':id', $id); + $stmt->execute(); + + printf("[%d] Query: [[%s]]\n", $k + 1, $query); + print implode(' - ', (($r = @$stmt->fetch(PDO::FETCH_NUM)) ? $r : array())) ."\n"; + print implode(' - ', $stmt->errorinfo()) ."\n"; + print "--------\n"; +} + +?> +--EXPECT-- +1 +00000 +------------------------------------------------------- +[1] Query: [[SELECT 1 FROM DUAL WHERE 1 = '?\'\'']] + +00000 +-------- +[2] Query: [[SELECT 'a\'0' FROM DUAL WHERE 1 = ?]] +a'0 +00000 +-------- +[3] Query: [[SELECT 'a', 'b\'' FROM DUAL WHERE '''' LIKE '\'' AND ?]] +a - b' +00000 +-------- +[4] Query: [[SELECT 'foo?bar', '', '''' FROM DUAL WHERE ?]] +foo?bar - - ' +00000 +-------- +Query: [[SELECT upper(:id) FROM DUAL WHERE '1']] +O'\0 +00000 +------------------------------------------------------- +[1] Query: [[SELECT 1, 'foo' FROM DUAL WHERE 1 = :id AND '\0' IS NULL AND 2 <> :id]] + +00000 +-------- +[2] Query: [[SELECT 1 FROM DUAL WHERE 1 = :id AND '' AND 2 <> :id]] + +00000 +-------- +[3] Query: [[SELECT 1 FROM DUAL WHERE 1 = :id AND '\'\'' = '''' AND 2 <> :id]] + +00000 +-------- +[4] Query: [[SELECT 1 FROM DUAL WHERE 1 = :id AND '\'' = '''' AND 2 <> :id]] +1 +00000 +-------- +[5] Query: [[SELECT 'a', 'b\'' FROM DUAL WHERE '''' LIKE '\'' AND 1]] +a - b' +00000 +-------- +[6] Query: [[SELECT 'a''', '\'b\'' FROM DUAL WHERE '''' LIKE '\'' AND 1]] +a' - 'b' +00000 +-------- +[7] Query: [[SELECT UPPER(:id) FROM DUAL WHERE '1']] +1 +00000 +-------- +[8] Query: [[SELECT 1 FROM DUAL WHERE '\'']] + +00000 +-------- +[9] Query: [[SELECT 1 FROM DUAL WHERE :id AND '\0' OR :id]] +1 +00000 +-------- +[10] Query: [[SELECT 1 FROM DUAL WHERE 'a\f\n\0' AND 1 >= :id]] + +00000 +-------- +[11] Query: [[SELECT 1 FROM DUAL WHERE '\'' = '''']] +1 +00000 +-------- +[12] Query: [[SELECT '\n' '1 FROM DUAL WHERE '''' and :id']] + +1 FROM DUAL WHERE '' and :id +00000 +-------- +[13] Query: [[SELECT 1 'FROM DUAL WHERE :id AND '''' = '''' OR 1 = 1 AND ':id]] +1 +00000 +-------- diff --git a/ext/pdo_mysql/tests/bug44327.phpt b/ext/pdo_mysql/tests/bug44327.phpt new file mode 100644 index 000000000..3d461c0fc --- /dev/null +++ b/ext/pdo_mysql/tests/bug44327.phpt @@ -0,0 +1,64 @@ +--TEST-- +Bug #44327 (PDORow::queryString property & numeric offsets / Crash) +--SKIPIF-- +<?php +require dirname(__FILE__) . '/config.inc'; +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +MySQLPDOTest::skip(); +?> +--FILE-- +<?php + require dirname(__FILE__) . '/config.inc'; + require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; + $db = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt'); + + $stmt = $db->prepare("SELECT 1 AS \"one\""); + $stmt->execute(); + $row = $stmt->fetch(PDO::FETCH_LAZY); + var_dump($row); + var_dump($row->{0}); + var_dump($row->one); + var_dump($row->queryString); + + print "----------------------------------\n"; + + @$db->exec("DROP TABLE test"); + $db->exec("CREATE TABLE test (id INT)"); + $db->exec("INSERT INTO test(id) VALUES (1)"); + $stmt = $db->prepare("SELECT id FROM test"); + $stmt->execute(); + $row = $stmt->fetch(PDO::FETCH_LAZY); + var_dump($row); + var_dump($row->queryString); + @$db->exec("DROP TABLE test"); + + print "----------------------------------\n"; + + $stmt = $db->prepare('foo'); + @$stmt->execute(); + $row = $stmt->fetch(); + var_dump($row->queryString); + +?> +--EXPECTF-- +object(PDORow)#%d (2) { + ["queryString"]=> + string(17) "SELECT 1 AS "one"" + ["one"]=> + string(1) "1" +} +string(1) "1" +string(1) "1" +string(17) "SELECT 1 AS "one"" +---------------------------------- +object(PDORow)#%d (2) { + ["queryString"]=> + string(19) "SELECT id FROM test" + ["id"]=> + string(1) "1" +} +string(19) "SELECT id FROM test" +---------------------------------- + +Notice: Trying to get property of non-object in %s on line %d +NULL diff --git a/ext/pdo_mysql/tests/bug46292.phpt b/ext/pdo_mysql/tests/bug46292.phpt new file mode 100644 index 000000000..df66dbb4c --- /dev/null +++ b/ext/pdo_mysql/tests/bug46292.phpt @@ -0,0 +1,80 @@ +--TEST-- +Bug #46292 (PDO::setFetchMode() shouldn't requires the 2nd arg when using FETCH_CLASSTYPE) +--SKIPIF-- +<?php +if (!extension_loaded('pdo') || !extension_loaded('pdo_mysql')) die('skip not loaded'); +require dirname(__FILE__) . '/config.inc'; +require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; +PDOTest::skip(); +?> +--FILE-- +<?php + require dirname(__FILE__) . '/config.inc'; + require dirname(__FILE__) . '/../../../ext/pdo/tests/pdo_test.inc'; + + $pdoDb = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt'); + + + class myclass implements Serializable { + public function __construct() { + printf("%s()\n", __METHOD__); + } + + public function serialize() { + printf("%s()\n", __METHOD__); + return "any data from serialize()"; + } + + public function unserialize($dat) { + printf("%s(%s)\n", __METHOD__, var_export($dat, true)); + return $dat; + } + } + + class myclass2 extends myclass { } + + $pdoDb->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); + + $pdoDb->query('DROP TABLE IF EXISTS testz'); + + $pdoDb->query('CREATE TABLE testz (name VARCHAR(20) NOT NULL, value INT)'); + + $pdoDb->query("INSERT INTO testz VALUES ('myclass', 1), ('myclass2', 2), ('myclass', NULL), ('myclass3', NULL)"); + + $stmt = $pdoDb->prepare("SELECT * FROM testz"); + + var_dump($stmt->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_CLASSTYPE | PDO::FETCH_GROUP)); + $stmt->execute(); + + var_dump($stmt->fetch()); + var_dump($stmt->fetch()); + var_dump($stmt->fetchAll()); + + $pdoDb->query('DROP TABLE IF EXISTS testz'); + +?> +--EXPECTF-- +bool(true) +myclass::__construct() +object(myclass)#%d (1) { + ["value"]=> + string(1) "1" +} +myclass::__construct() +object(myclass2)#%d (1) { + ["value"]=> + string(1) "2" +} +myclass::__construct() +array(2) { + [0]=> + object(myclass)#%d (1) { + ["value"]=> + NULL + } + [1]=> + object(stdClass)#%d (1) { + ["value"]=> + NULL + } +} |