Bug #53323 [Opn->Csd]: pdo_firebird getAttribute() crash

Tue, 16 Nov 2010 13:05:06 -0800 

Edit report at http://bugs.php.net/bug.php?id=53323&edit=1

 ID:                 53323
 Updated by:         fel...@php.net
 Reported by:        preeves at ibphoenix dot com
-Summary:            Some calls to pdo_firebird getAttribute crash
+Summary:            pdo_firebird getAttribute() crash
-Status:             Open
+Status:             Closed
 Type:               Bug
 Package:            PDO related
 PHP Version:        5.3.3
-Assigned To:        
+Assigned To:        felipe
 Block user comment: N
 Private report:     N

 New Comment:

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Thanks for the patch!



I've modified a bit the patch, I removed the lines adding
PDO_ATTR_PREFETCH, PDO_ATTR_TIMEOUT, as this is not a pdo_firebird
problem, but the pdo drivers works in this way.


Previous Comments:
------------------------------------------------------------------------
[2010-11-16 22:02:16] fel...@php.net

Automatic comment from SVN on behalf of felipe
Revision: http://svn.php.net/viewvc/?view=revision&revision=305416
Log: - Fixed bug #53323 (pdo_firebird getAttribute() crash)
  patch by: preeves at ibphoenix dot com

------------------------------------------------------------------------
[2010-11-16 17:44:58] preeves at ibphoenix dot com

Description:
------------
There is a bug and a few omissions in firebird_handle_get_attribute.



Most significantly it declares tmp[200] which is used to store the
server 

version. Unfortunately, a typical server version string is now over 300
bytes 

long. So this call just blows the driver out of the water, leaves this
error 

in the apache log:



*** stack smashing detected ***: /usr/sbin/httpd2-prefork terminated    
                                                                        
          

[Tue Nov 16 13:42:53 2010] [notice] child pid 11656 exit signal
Segmentation

fault (11)



and the user is left staring at a server timeout error in the browser.
This is 

easily fixed by declaring tmp[]  to be larger.



Less seriously, these attributes are not handled:



  PDO_ATTR_PREFETCH,

  PDO_ATTR_TIMEOUT,

  PDO_ATTR_FETCH_TABLE_NAMES



so if they are called outside a try..catch then the call will fail
badly. It 

is not obvious that a try..catch should be required so it is probably
better 

to just handle these cases in the driver.



I've attached a patch which fixes all of these issues.



------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=53323&edit=1

Reply via email to