diff options
| author | Anatol Belski <ab@php.net> | 2015-11-05 18:08:08 +0100 |
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2015-11-05 18:08:08 +0100 |
| commit | 5ac288bcc6b8858e3ea509d92426b2bacc7fd397 (patch) | |
| tree | 1e5370e481e2009de8fd7b7e0157458337f40045 | |
| parent | 9385eb6ff8f85d0ab2bae96f02197fe7fc70d85c (diff) | |
| download | php-git-5ac288bcc6b8858e3ea509d92426b2bacc7fd397.tar.gz | |
fix crash in sqlite when executing with bound stream param
rel #70862
| -rw-r--r-- | ext/sqlite3/sqlite3.c | 9 | ||||
| -rw-r--r-- | ext/sqlite3/tests/sqlite3_blob_bind_resource.phpt | 39 |
2 files changed, 44 insertions, 4 deletions
diff --git a/ext/sqlite3/sqlite3.c b/ext/sqlite3/sqlite3.c index 12340f991e..4e3cc28eda 100644 --- a/ext/sqlite3/sqlite3.c +++ b/ext/sqlite3/sqlite3.c @@ -1527,7 +1527,7 @@ PHP_METHOD(sqlite3stmt, execute) case SQLITE_BLOB: { php_stream *stream = NULL; - zend_string *buffer; + zend_string *buffer = NULL; if (Z_TYPE_P(parameter) == IS_RESOURCE) { php_stream_from_zval_no_verify(stream, parameter); if (stream == NULL) { @@ -1540,10 +1540,11 @@ PHP_METHOD(sqlite3stmt, execute) buffer = Z_STR_P(parameter); } - sqlite3_bind_blob(stmt_obj->stmt, param->param_number, ZSTR_VAL(buffer), ZSTR_LEN(buffer), SQLITE_TRANSIENT); - - if (stream) { + if (buffer) { + sqlite3_bind_blob(stmt_obj->stmt, param->param_number, ZSTR_VAL(buffer), ZSTR_LEN(buffer), SQLITE_TRANSIENT); zend_string_release(buffer); + } else { + sqlite3_bind_null(stmt_obj->stmt, param->param_number); } break; } diff --git a/ext/sqlite3/tests/sqlite3_blob_bind_resource.phpt b/ext/sqlite3/tests/sqlite3_blob_bind_resource.phpt new file mode 100644 index 0000000000..108956b87b --- /dev/null +++ b/ext/sqlite3/tests/sqlite3_blob_bind_resource.phpt @@ -0,0 +1,39 @@ +--TEST-- +SQLite3::execute() with a resource bound for blob param +--SKIPIF-- +<?php require_once(dirname(__FILE__) . '/skipif.inc'); ?> +--FILE-- +<?php + +require_once(dirname(__FILE__) . '/new_db.inc'); +require_once(dirname(__FILE__) . '/stream_test.inc'); + +var_dump($db->exec('CREATE TABLE test (id STRING, data BLOB)')); +$insert_stmt = $db->prepare("INSERT INTO test (id, data) VALUES (1, ?)"); + + +class HelloWrapper { + public function stream_open() { return true; } + public function stream_eof() { return true; } + public function stream_read() { return NULL; } + public function stream_stat() { return array(); } +} +stream_wrapper_register("hello", "HelloWrapper"); + +$f = fopen("hello://there", "r"); + +var_dump($insert_stmt->bindParam(1, $f, SQLITE3_BLOB)); +var_dump($insert_stmt->execute()); + +var_dump($insert_stmt->close()); +fclose($f); + +?> ++++DONE+++ +--EXPECTF-- +bool(true) +bool(true) +object(SQLite3Result)#%d (%d) { +} +bool(true) ++++DONE+++ |