diff options
| author | Christopher Jones <christopher.jones@oracle.com> | 2015-11-07 01:56:50 +1100 |
|---|---|---|
| committer | Christopher Jones <christopher.jones@oracle.com> | 2015-11-07 01:56:50 +1100 |
| commit | 3060dfd92e0126e92b1501dba807bfcd44bef53a (patch) | |
| tree | cd0fb1ea2818c7d7f57c4007afc49a88d9da32c1 | |
| parent | 1c0622a472cb88f780733456f5bb0eb03a40a1cb (diff) | |
| download | php-git-3060dfd92e0126e92b1501dba807bfcd44bef53a.tar.gz | |
Fix bug 68298 (PHP OCI8 OCI int overflow) (Senthil)
| -rw-r--r-- | ext/oci8/oci8_statement.c | 9 | ||||
| -rw-r--r-- | ext/oci8/tests/bug68298.phpt | 51 |
2 files changed, 59 insertions, 1 deletions
diff --git a/ext/oci8/oci8_statement.c b/ext/oci8/oci8_statement.c index 4d18a916d8..ad30a65377 100644 --- a/ext/oci8/oci8_statement.c +++ b/ext/oci8/oci8_statement.c @@ -1139,15 +1139,22 @@ int php_oci_bind_by_name(php_oci_statement *statement, char *name, int name_len, case SQLT_INT: case SQLT_NUM: + { if (Z_TYPE_P(var) == IS_RESOURCE || Z_TYPE_P(var) == IS_OBJECT) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid variable used for bind"); return 1; } convert_to_long(var); +#if defined(OCI_MAJOR_VERSION) && OCI_MAJOR_VERSION > 10 + bind_data = (ub8 *)&Z_LVAL_P(var); + value_sz = sizeof(ub8); +#else bind_data = (ub4 *)&Z_LVAL_P(var); value_sz = sizeof(ub4); +#endif mode = OCI_DEFAULT; - break; + } + break; case SQLT_LBI: case SQLT_BIN: diff --git a/ext/oci8/tests/bug68298.phpt b/ext/oci8/tests/bug68298.phpt new file mode 100644 index 0000000000..223faa5cad --- /dev/null +++ b/ext/oci8/tests/bug68298.phpt @@ -0,0 +1,51 @@ +--TEST-- +Bug #68298 (OCI int overflow) +--SKIPIF-- +<?php +if (!extension_loaded('oci8')) die ("skip no oci8 extension"); +if (PHP_INT_SIZE != 8) die("skip this test is for 64bit platforms only"); +?> +--FILE-- +<?php + +require(dirname(__FILE__).'/connect.inc'); + +$stmtarray = array( + "DROP TABLE BUG68298", + "CREATE TABLE BUG68298 (COL1 NUMBER(20))" +); + +oci8_test_sql_execute($c, $stmtarray); + +$s = oci_parse($c, "INSERT INTO BUG68298 VALUES (:INTVALUE)"); +$intvalue = 1152921504606846975; +oci_bind_by_name($s, ":INTVALUE", $intvalue, -1, SQLT_INT); +oci_execute($s); + +$s = oci_parse($c, "INSERT INTO BUG68298 VALUES (:INTVALUE)"); +$intvalue = -1152921504606846975; +oci_bind_by_name($s, ":INTVALUE", $intvalue, -1, SQLT_INT); +oci_execute($s); + + +$s = oci_parse($c, "SELECT COL1 FROM BUG68298"); +oci_execute($s); +oci_fetch_all($s, $r); +var_dump($r); + +$stmtarray = array("DROP TABLE BUG68298"); +oci8_test_sql_execute($c, $stmtarray); +?> +===DONE=== +<?php exit(0); ?> +--EXPECTF-- +array(1) { + ["COL1"]=> + array(2) { + [0]=> + string(19) "1152921504606846975" + [1]=> + string(20) "-1152921504606846975" + } +} +===DONE=== |