MFH

author Ilia Alshanetsky <iliaa@php.net>

Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)
diff --git a/NEWS b/NEWS

index 5cdc5e269eabb3a3dd8bb9bba6393443f712fe73..0991b8dd621135ada5502febc410728bb164f61d 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,7 @@ PHP 4                                                                      NEWS
  - Added DBA handler 'inifile' to support ini files. (Marcus)
  - Fixed bug #23897 (Fixed a check for mbfilter_ru.h). (aleks@m2media.ru, Ilia)
  - Fixed bug #23894 (sprintf() decimal specifiers problem). (Moriyoshi)
+- Fixed bug #23888 (Missing input validation for flags parameter) (Ilia)
  
  29 May 2003, Version 4.3.2
  - Syncronized bundled GD library with GD 2.0.12. (Ilia)
diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c

index 14ba53f6c1bb92653c6b530b66c8cede07de9323..1aa6990d167000660e40c63bb19d47d0d9c20a7b 100644 (file)
--- a/ext/mysql/php_mysql.c
+++ b/ext/mysql/php_mysql.c
@@ -525,6 +525,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent)
                                                 }
                                                 convert_to_string_ex(z_user);
                                                 convert_to_string_ex(z_passwd);
+                                               convert_to_boolean_ex(z_new_link);
                                                 user = Z_STRVAL_PP(z_user);
                                                 passwd = Z_STRVAL_PP(z_passwd);
                                                 new_link = Z_BVAL_PP(z_new_link);
@@ -535,6 +536,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent)
                                                 }
                                                 convert_to_string_ex(z_user);
                                                 convert_to_string_ex(z_passwd);
+                                               convert_to_long_ex(z_client_flags);
                                                 user = Z_STRVAL_PP(z_user);
                                                 passwd = Z_STRVAL_PP(z_passwd);
                                                 client_flags = Z_LVAL_PP(z_client_flags);
@@ -547,6 +549,8 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent)
                                         }
                                         convert_to_string_ex(z_user);
                                         convert_to_string_ex(z_passwd);
+                                       convert_to_boolean_ex(z_new_link);
+                                       convert_to_long_ex(z_client_flags);
                                         user = Z_STRVAL_PP(z_user);
                                         passwd = Z_STRVAL_PP(z_passwd);
                                         new_link = Z_BVAL_PP(z_new_link);
author	Ilia Alshanetsky <iliaa@php.net>
	Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Fri, 30 May 2003 14:09:21 +0000 (14:09 +0000)
NEWS		patch \| blob \| history
ext/mysql/php_mysql.c		patch \| blob \| history