MFH: fix OCIPasswordChange() parameters (patch by pholdaway at technocom-wireless...

prevent username, password and new password from being empty

diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c
index 8e66cac9923f7dea69f88c346fb78edd5a9afd14..30d287d46040cea25dce399dc1258c681b20b6cf 100644 (file)
--- a/ext/oci8/oci8.c
+++ b/ext/oci8/oci8.c
@@ -1264,7 +1264,7 @@ open:
 
        if (new_password) {
                /* try to change password if new one was provided {{{ */
-               OCI_G(errcode) = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, OCI_G(err), (text *)username, username_len+1, (text *)password, password_len+1, (text *)new_password, new_password_len+1, OCI_AUTH));
+               OCI_G(errcode) = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, OCI_G(err), (text *)username, username_len, (text *)password, password_len, (text *)new_password, new_password_len, OCI_AUTH));
 
                if (OCI_G(errcode) != OCI_SUCCESS) {
                        php_oci_error(OCI_G(err), OCI_G(errcode) TSRMLS_CC);
@@ -1496,7 +1496,7 @@ static int php_oci_connection_close(php_oci_connection *connection TSRMLS_DC)
  Change password for the user with the username given */
 int php_oci_password_change(php_oci_connection *connection, char *user, int user_len, char *pass_old, int pass_old_len, char *pass_new, int pass_new_len TSRMLS_DC)
 {
-       connection->errcode = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, connection->err, (text *)user, user_len+1, (text *)pass_old, pass_old_len+1, (text *)pass_new, pass_new_len+1, OCI_DEFAULT));
+       connection->errcode = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, connection->err, (text *)user, user_len, (text *)pass_old, pass_old_len, (text *)pass_new, pass_new_len, OCI_DEFAULT));
 
        if (connection->errcode != OCI_SUCCESS) {
                php_oci_error(connection->err, connection->errcode TSRMLS_CC);

diff --git a/ext/oci8/oci8_interface.c b/ext/oci8/oci8_interface.c
index 51da8c187f0151844b5730de086730d715ca761b..f934b1c52d5158c61c9e2983fd77481aa890b9a3 100644 (file)
--- a/ext/oci8/oci8_interface.c
+++ b/ext/oci8/oci8_interface.c
@@ -1689,12 +1689,38 @@ PHP_FUNCTION(oci_password_change)
        if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "rsss", &z_connection, &user, &user_len, &pass_old, &pass_old_len, &pass_new, &pass_new_len) == SUCCESS) {
                PHP_OCI_ZVAL_TO_CONNECTION(z_connection, connection);
 
+               if (!user_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "username cannot be empty");
+                       RETURN_FALSE;
+               }
+               if (!pass_old_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "old password cannot be empty");
+                       RETURN_FALSE;
+               }
+               if (!pass_new_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "new password cannot be empty");
+                       RETURN_FALSE;
+               }
+
                if (php_oci_password_change(connection, user, user_len, pass_old, pass_old_len, pass_new, pass_new_len TSRMLS_CC)) {
                        RETURN_FALSE;
                }
                RETURN_TRUE;
        } else if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "ssss", &dbname, &dbname_len, &user, &user_len, &pass_old, &pass_old_len, &pass_new, &pass_new_len) == SUCCESS) {
 
+               if (!user_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "username cannot be empty");
+                       RETURN_FALSE;
+               }
+               if (!pass_old_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "old password cannot be empty");
+                       RETURN_FALSE;
+               }
+               if (!pass_new_len) {
+                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "new password cannot be empty");
+                       RETURN_FALSE;
+               }
+
                connection = php_oci_do_connect_ex(user, user_len, pass_old, pass_old_len, pass_new, pass_new_len, dbname, dbname_len, NULL, OCI_DEFAULT, 0, 0 TSRMLS_CC);
                if (!connection) {
                        RETURN_FALSE;