diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-04-05 22:36:55 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-04-05 22:37:51 -0700 |
| commit | 66b853d4261a813287ab5e379392e418bf715e82 (patch) | |
| tree | 6bb3ca78a3f48696892256205ed4b7396a6a8962 /ext/sqlite3/sqlite3.c | |
| parent | 96f5be53f67cfb2caa156f363b6b3245a1ed4568 (diff) | |
| parent | 5ae20c624781bdd39ba14b2f856234c168f7ea38 (diff) | |
| download | php-git-66b853d4261a813287ab5e379392e418bf715e82.tar.gz | |
Merge branch 'PHP-5.4' into PHP-5.5
* PHP-5.4:
Fix bug #66550 (SQLite prepared statement use-after-free)
Diffstat (limited to 'ext/sqlite3/sqlite3.c')
| -rw-r--r-- | ext/sqlite3/sqlite3.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ext/sqlite3/sqlite3.c b/ext/sqlite3/sqlite3.c index 8178d4f3b2..ce3af65fcb 100644 --- a/ext/sqlite3/sqlite3.c +++ b/ext/sqlite3/sqlite3.c @@ -1279,6 +1279,8 @@ PHP_METHOD(sqlite3stmt, paramCount) php_sqlite3_stmt *stmt_obj; zval *object = getThis(); stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) if (zend_parse_parameters_none() == FAILURE) { return; @@ -1295,6 +1297,8 @@ PHP_METHOD(sqlite3stmt, close) php_sqlite3_stmt *stmt_obj; zval *object = getThis(); stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) if (zend_parse_parameters_none() == FAILURE) { return; @@ -1313,6 +1317,8 @@ PHP_METHOD(sqlite3stmt, reset) php_sqlite3_stmt *stmt_obj; zval *object = getThis(); stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) if (zend_parse_parameters_none() == FAILURE) { return; @@ -1333,6 +1339,8 @@ PHP_METHOD(sqlite3stmt, clear) php_sqlite3_stmt *stmt_obj; zval *object = getThis(); stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) if (zend_parse_parameters_none() == FAILURE) { return; @@ -1354,6 +1362,8 @@ PHP_METHOD(sqlite3stmt, readOnly) php_sqlite3_stmt *stmt_obj; zval *object = getThis(); stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) if (zend_parse_parameters_none() == FAILURE) { return; @@ -1421,6 +1431,8 @@ PHP_METHOD(sqlite3stmt, bindParam) zval *object = getThis(); struct php_sqlite3_bound_param param = {0}; stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) param.param_number = -1; param.type = SQLITE3_TEXT; @@ -1452,6 +1464,8 @@ PHP_METHOD(sqlite3stmt, bindValue) zval *object = getThis(); struct php_sqlite3_bound_param param = {0}; stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) param.param_number = -1; param.type = SQLITE3_TEXT; @@ -1487,6 +1501,8 @@ PHP_METHOD(sqlite3stmt, execute) stmt_obj = (php_sqlite3_stmt *)zend_object_store_get_object(object TSRMLS_CC); + SQLITE3_CHECK_INITIALIZED(stmt_obj->db_obj, stmt_obj->initialised, SQLite3) + if (zend_parse_parameters_none() == FAILURE) { return; } |