#41125 [Opn->Fbk]: PDO mysql + quote() + prepare() can result in seg fault

Tue, 17 Apr 2007 13:38:18 -0700 

 ID:               41125
 Updated by:       [EMAIL PROTECTED]
 Reported By:      ed at bronto dot com
-Status:           Open
+Status:           Feedback
 Bug Type:         PDO related
 Operating System: Centos
 PHP Version:      5.2.1
 New Comment:

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.




Previous Comments:
------------------------------------------------------------------------

[2007-04-17 20:34:45] ed at bronto dot com

Description:
------------
Using PDO->quote on a portion of a query to be prepared will result in
a seg fault if:

- there is a bound parameter after the quoted value
- emulated prepares is on (1)
- mysql

If emulated prepares is off (0), the query fails.  This should also be
considered a bug.

Reproduce code:
---------------
//test.php

//the mysql table first: create table ed (id int not null, name
varchar(255) not null);

$db = new PDO('mysql:host=' . HOST . ';dbname=' . NAME, USERNAME,
PASSWORD);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 1);

$search = "o'riley";

$values = array();
$sql = "select id from ed where name like " . $db->quote('%' . $search
. '%');
$sth = $db->prepare($sql);
$sth->execute($values);
echo("here\n");

$values = array('id' => 1233434);
$sql = "select id from ed where name like " . $db->quote('%' . $search
. '%') . " and id = :id";
$sth = $db->prepare($sql);
$sth->execute($values);
echo("there\n");


Expected result:
----------------
No errors should occur.

Should print "here\nthere\n".

Actual result:
--------------
[EMAIL PROTECTED] php test.php
here
Segmentation fault



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=41125&edit=1

Reply via email to