diff options
| author | Christoph M. Becker <cmbecker69@gmx.de> | 2020-10-29 12:02:54 +0100 |
|---|---|---|
| committer | Christoph M. Becker <cmbecker69@gmx.de> | 2020-10-29 12:03:11 +0100 |
| commit | 9838eff68b6dd034c585645fce63baf98192cd1d (patch) | |
| tree | 9e68d9db20f74ec695808bbbdea927b008ac56ed /ext/odbc/php_odbc.c | |
| parent | d784c65cca34e55e52887bfa4975594958f28181 (diff) | |
| parent | 133ac0151b07a68cc73ab220d4c458834f1aa182 (diff) | |
| download | php-git-9838eff68b6dd034c585645fce63baf98192cd1d.tar.gz | |
Merge branch 'PHP-7.4' into PHP-8.0
* PHP-7.4:
Fix #44618: Fetching may rely on uninitialized data
Diffstat (limited to 'ext/odbc/php_odbc.c')
| -rw-r--r-- | ext/odbc/php_odbc.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c index 3e4efb7380..8db21e90e5 100644 --- a/ext/odbc/php_odbc.c +++ b/ext/odbc/php_odbc.c @@ -1440,6 +1440,9 @@ static void php_odbc_fetch_hash(INTERNAL_FUNCTION_PARAMETERS, int result_type) if (rc == SQL_SUCCESS_WITH_INFO) { ZVAL_STRINGL(&tmp, buf, result->longreadlen); + } else if (rc != SQL_SUCCESS) { + php_error_docref(NULL, E_WARNING, "Cannot get data of column #%d (retcode %u)", i + 1, rc); + ZVAL_FALSE(&tmp); } else if (result->values[i].vallen == SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; @@ -1590,6 +1593,9 @@ PHP_FUNCTION(odbc_fetch_into) } if (rc == SQL_SUCCESS_WITH_INFO) { ZVAL_STRINGL(&tmp, buf, result->longreadlen); + } else if (rc != SQL_SUCCESS) { + php_error_docref(NULL, E_WARNING, "Cannot get data of column #%d (retcode %u)", i + 1, rc); + ZVAL_FALSE(&tmp); } else if (result->values[i].vallen == SQL_NULL_DATA) { ZVAL_NULL(&tmp); break; @@ -1822,12 +1828,13 @@ PHP_FUNCTION(odbc_result) RETURN_FALSE; } - if (result->values[field_ind].vallen == SQL_NULL_DATA) { - zend_string_efree(field_str); - RETURN_NULL(); - } else if (rc == SQL_NO_DATA_FOUND) { + if (rc != SQL_SUCCESS && rc != SQL_SUCCESS_WITH_INFO) { zend_string_efree(field_str); + php_error_docref(NULL, E_WARNING, "Cannot get data of column #%d (retcode %u)", field_ind + 1, rc); RETURN_FALSE; + } else if (result->values[field_ind].vallen == SQL_NULL_DATA) { + zend_string_efree(field_str); + RETURN_NULL(); } /* Reduce fieldlen by 1 if we have char data. One day we might have binary strings... */ @@ -1873,6 +1880,12 @@ PHP_FUNCTION(odbc_result) RETURN_FALSE; } + if (rc != SQL_SUCCESS && rc != SQL_SUCCESS_WITH_INFO) { + php_error_docref(NULL, E_WARNING, "Cannot get data of column #%d (retcode %u)", field_ind + 1, rc); + efree(field); + RETURN_FALSE; + } + if (result->values[field_ind].vallen == SQL_NULL_DATA) { efree(field); RETURN_NULL(); @@ -1981,6 +1994,11 @@ PHP_FUNCTION(odbc_result_all) } if (rc == SQL_SUCCESS_WITH_INFO) { PHPWRITE(buf, result->longreadlen); + } else if (rc != SQL_SUCCESS) { + php_printf("</td></tr></table>"); + php_error_docref(NULL, E_WARNING, "Cannot get data of column #%d (retcode %u)", i + 1, rc); + efree(buf); + RETURN_FALSE; } else if (result->values[i].vallen == SQL_NULL_DATA) { php_printf("<td>NULL</td>"); break; |