Fix bug #76488 Memory leak when fetching a BLOB field

Add a phpt test

diff --git a/ext/pdo_firebird/firebird_statement.c b/ext/pdo_firebird/firebird_statement.c
index bfe2dd717dc99fe22d8c78be07ff91caf054b9f5..46dc10760ab7cae878e73c62249cc72ba9a1ec71 100644 (file)
--- a/ext/pdo_firebird/firebird_statement.c
+++ b/ext/pdo_firebird/firebird_statement.c
@@ -294,7 +294,7 @@ static int firebird_fetch_blob(pdo_stmt_t *stmt, int colno, char **ptr, /* {{{ *
                unsigned short seg_len;
                ISC_STATUS stat;
 
-               *ptr = S->fetch_buf[colno] = erealloc(*ptr, *len+1);
+               *ptr = S->fetch_buf[colno] = erealloc(S->fetch_buf[colno], *len+1);
 
                for (cur_len = stat = 0; (!stat || stat == isc_segment) && cur_len < *len; cur_len += seg_len) {
 

diff --git a/ext/pdo_firebird/tests/bug_76488.phpt b/ext/pdo_firebird/tests/bug_76488.phpt
new file mode 100644 (file)
index 0000000..dba6734
--- /dev/null
+++ b/ext/pdo_firebird/tests/bug_76488.phpt
@@ -0,0 +1,32 @@
+--TEST--
+PDO_Firebird: Bug #76488 Memory leak when fetching a BLOB field
+--SKIPIF--
+<?php if (!extension_loaded('interbase') || !extension_loaded('pdo_firebird')) die('skip'); ?>
+--FILE--
+<?php
+require 'testdb.inc';
+$dbh = new PDO('firebird:dbname='.$test_base, $user, $password) or die;
+
+$sql = '
+with recursive r(n) as (
+  select 1 from rdb$database
+  union all
+  select n+1 from r where n < 1000
+)
+select n,
+       cast(lpad(\'A\', 8000, \'A\') as BLOB sub_type TEXT) as SRC
+from r 
+';
+
+    for ($i = 0; $i < 10; $i++) {
+        $sth = $dbh->prepare($sql);
+        $sth->execute();          
+        $rows = $sth->fetchAll();
+           unset($rows);
+           unset($sth);
+    }
+    unset($dbh);
+    echo "OK";
+?>
+--EXPECT--
+OK
\ No newline at end of file