Home Original page

Broken error handling in odbc_execute

Bug #52512 Broken error handling in odbc_execute
Submitted: 2010-08-02 10:57 UTC Modified: 2010-11-07 19:14 UTC
From: mkoegler at auto dot tuwien dot ac dot at Assigned: felipe (profile)
Status: Closed Package: ODBC related
PHP Version: 5.3.3 OS: any
Private report: No CVE-ID: None

 [2010-08-02 10:57 UTC] mkoegler at auto dot tuwien dot ac dot at

Description:
------------
odbc_execute has problems in its error handling:

* The list of open file descriptors for parameters is not closed properly

params[i].fp is not initialized with -1 => close may be called with a value leftover in memory by safe_emalloc.

* In the case of some errors, the file descriptors are not closed

* The return value of SQLDescribeParam and SQLBindParameter are not checked

Adding these error checks also yields to better error messages with some database systems.

Patches

odbc_execute_errorhandling.patch (last revision 2010-08-02 08:58 UTC by mkoegler at auto dot tuwien dot ac dot at)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

 [2010-11-06 18:55 UTC] felipe@php.net

Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc. If the script requires a 
database to demonstrate the issue, please make sure it creates 
all necessary tables, stored procedures etc.

Please avoid embedding huge scripts into the report.

 [2010-11-07 19:14 UTC] felipe@php.net

-Status: Feedback +Status: Closed -Assigned To: +Assigned To: felipe

 [2010-11-07 19:14 UTC] felipe@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.