Greetings,

I have created a patch for Bug #44251 (Question mark and an escaped singel quote lead to an exception).

The issue was introduced by the fix for Bug #36798 (mysql error when using named parameters in a query with high ascii). That fix ended up removing the code that ignored escaped quotes inside quoted text. As a result, the parser treats any escaped quote as the end of the quoted string. Therefore, if an escaped quote is followed by a question mark, the parser thinks the question mark is a placeholder.

My patch updates the regular expressions used for finding quoted strings to properly ignore escaped quotes. It also seems to handle the test case from Bug #36798 correctly.

This is my first patch submission, so I have some questions:
The patch is against 5.2.6.  Should it be against a different version?
I had to alter a .re file and a regenerated the .c file with re2c 0.13.5. Should I use a different version and if so where can I get it? Should I even be submitting the updated .c file?

Thanks!
Tim Steiner
--- php-5.2.6/ext/pdo/pdo_sql_parser.re 2007-12-31 01:17:40.000000000 -0600
+++ php-5.2.6.fixed/ext/pdo/pdo_sql_parser.re   2008-09-08 11:06:39.000000000 
-0500
@@ -55,8 +55,8 @@
        */
 
        /*!re2c
-               (["] ([^"])* ["])               { RET(PDO_PARSER_TEXT); }
-               (['] ([^'])* ['])               { RET(PDO_PARSER_TEXT); }
+               (["](([\\]ANYNOEOF)|ANYNOEOF\["\\])*["]) { 
RET(PDO_PARSER_TEXT); }
+               (['](([\\]ANYNOEOF)|ANYNOEOF\['\\])*[']) { 
RET(PDO_PARSER_TEXT); }
                MULTICHAR{2,}                                                   
{ RET(PDO_PARSER_TEXT); }
                BINDCHR                                         { 
RET(PDO_PARSER_BIND); }
                QUESTION                                                        
        { RET(PDO_PARSER_BIND_POS); }
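Review bot: The two new quoted-string rules let a backslash escape the next character for every caller of this scanner, yet the file sits in ext/pdo rather than a driver directory, so it appears to be shared by all PDO drivers, and backslash is an escape only under MySQL-style quoting. For a driver whose server treats backslash literally, a literal that ends in a backslash (constructed example: `'C:\'`) would no longer close at its final quote, so the scanner's text/placeholder boundaries can differ from what the server parses and a later `?` or `:name` may be classified wrongly. Because this classification decides where bound values are substituted, the assumption should be made driver-selectable, or at least recorded above the rules with a comment such as `/* backslash escapes follow MySQL quoting; standard-SQL drivers treat \ literally */`. The patch also adds no regression test; a .phpt covering the Bug #44251 query and the Bug #36798 case would pin both behaviours. The re2c block starts before and continues past this hunk.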
--- php-5.2.6/ext/pdo/pdo_sql_parser.c  2008-04-30 13:37:40.000000000 -0500
+++ php-5.2.6.fixed/ext/pdo/pdo_sql_parser.c    2008-09-08 11:06:43.000000000 
-0500
@@ -1,4 +1,5 @@
-/* Generated by re2c 0.11.0 on Mon Nov 26 16:10:28 2007 */
+/* Generated by re2c 0.13.5 on Mon Sep  8 11:06:43 2008 */
+#line 1 "ext/pdo/pdo_sql_parser.re"
 /*
   +----------------------------------------------------------------------+
   | PHP Version 5                                                        |
@@ -17,7 +18,7 @@
   +----------------------------------------------------------------------+
 */
 
-/* $Id: pdo_sql_parser.c,v 1.35.2.6.2.15 2007/12/31 07:20:09 sebastian Exp $ */
+/* $Id: pdo_sql_parser.re,v 1.28.2.4.2.12 2007/12/31 07:17:40 sebastian Exp $ 
*/
 
 #include "php.h"
 #include "php_pdo_driver.h"
@@ -46,15 +47,17 @@
        char *cursor = s->cur;
 
        s->tok = cursor;
+       #line 55 "ext/pdo/pdo_sql_parser.re"
 
 
        
+#line 55 "ext/pdo/pdo_sql_parser.c"
 {
        YYCTYPE yych;
 
-       if((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
+       if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
        yych = *YYCURSOR;
-       switch(yych) {
+       switch (yych) {
        case 0x00:      goto yy11;
        case '"':       goto yy2;
        case '\'':      goto yy4;
@@ -63,16 +66,19 @@
        default:        goto yy8;
        }
 yy2:
-       yych = *++YYCURSOR;
-       goto yy24;
+       yych = *(YYMARKER = ++YYCURSOR);
+       if (yych >= 0x01) goto yy26;
 yy3:
+#line 63 "ext/pdo/pdo_sql_parser.re"
        { SKIP_ONE(PDO_PARSER_TEXT); }
+#line 75 "ext/pdo/pdo_sql_parser.c"
 yy4:
-       yych = *++YYCURSOR;
+       yych = *(YYMARKER = ++YYCURSOR);
+       if (yych <= 0x00) goto yy3;
        goto yy20;
 yy5:
        yych = *++YYCURSOR;
-       switch(yych) {
+       switch (yych) {
        case '0':
        case '1':
        case '2':
@@ -142,18 +148,20 @@
        }
 yy6:
        ++YYCURSOR;
-       switch((yych = *YYCURSOR)) {
+       switch ((yych = *YYCURSOR)) {
        case ':':
        case '?':       goto yy13;
        default:        goto yy7;
        }
 yy7:
+#line 62 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_BIND_POS); }
+#line 160 "ext/pdo/pdo_sql_parser.c"
 yy8:
        ++YYCURSOR;
-       if(YYLIMIT == YYCURSOR) YYFILL(1);
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
        yych = *YYCURSOR;
-       switch(yych) {
+       switch (yych) {
        case 0x00:
        case '"':
        case '\'':
@@ -162,26 +170,32 @@
        default:        goto yy8;
        }
 yy10:
+#line 64 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_TEXT); }
+#line 176 "ext/pdo/pdo_sql_parser.c"
 yy11:
        ++YYCURSOR;
+#line 65 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_EOI); }
+#line 181 "ext/pdo/pdo_sql_parser.c"
 yy13:
        ++YYCURSOR;
-       if(YYLIMIT == YYCURSOR) YYFILL(1);
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
        yych = *YYCURSOR;
-       switch(yych) {
+       switch (yych) {
        case ':':
        case '?':       goto yy13;
        default:        goto yy15;
        }
 yy15:
+#line 60 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_TEXT); }
+#line 194 "ext/pdo/pdo_sql_parser.c"
 yy16:
        ++YYCURSOR;
-       if(YYLIMIT == YYCURSOR) YYFILL(1);
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
        yych = *YYCURSOR;
-       switch(yych) {
+       switch (yych) {
        case '0':
        case '1':
        case '2':
@@ -248,32 +262,58 @@
        default:        goto yy18;
        }
 yy18:
+#line 61 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_BIND); }
+#line 268 "ext/pdo/pdo_sql_parser.c"
 yy19:
        ++YYCURSOR;
-       if(YYLIMIT == YYCURSOR) YYFILL(1);
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
        yych = *YYCURSOR;
 yy20:
-       switch(yych) {
-       case '\'':      goto yy21;
+       switch (yych) {
+       case 0x00:      goto yy21;
+       case '\'':      goto yy23;
+       case '\\':      goto yy22;
        default:        goto yy19;
        }
 yy21:
+       YYCURSOR = YYMARKER;
+       goto yy3;
+yy22:
        ++YYCURSOR;
-       { RET(PDO_PARSER_TEXT); }
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
+       yych = *YYCURSOR;
+       if (yych <= 0x00) goto yy21;
+       goto yy19;
 yy23:
        ++YYCURSOR;
-       if(YYLIMIT == YYCURSOR) YYFILL(1);
+#line 59 "ext/pdo/pdo_sql_parser.re"
+       { RET(PDO_PARSER_TEXT); }
+#line 293 "ext/pdo/pdo_sql_parser.c"
+yy25:
+       ++YYCURSOR;
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
        yych = *YYCURSOR;
-yy24:
-       switch(yych) {
-       case '"':       goto yy25;
-       default:        goto yy23;
+yy26:
+       switch (yych) {
+       case 0x00:      goto yy21;
+       case '"':       goto yy28;
+       case '\\':      goto yy27;
+       default:        goto yy25;
        }
-yy25:
+yy27:
+       ++YYCURSOR;
+       if (YYLIMIT <= YYCURSOR) YYFILL(1);
+       yych = *YYCURSOR;
+       if (yych <= 0x00) goto yy21;
+       goto yy25;
+yy28:
        ++YYCURSOR;
+#line 58 "ext/pdo/pdo_sql_parser.re"
        { RET(PDO_PARSER_TEXT); }
+#line 315 "ext/pdo/pdo_sql_parser.c"
 }
+#line 66 "ext/pdo/pdo_sql_parser.re"
        
 }
 