From: Antony Dovgal <tony2001@php.net>
Date: Thu, 27 Jan 2005 01:11:15 +0000 (+0000)
Subject: fix segfault when invalid field offset is passed to mysqli_fetch_field_direct()
X-Git-Tag: php-5.0.4RC1~238
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=516c2aa7da3f0042b108cbc300cde8dbdae4ab33;p=php

fix segfault when invalid field offset is passed to mysqli_fetch_field_direct()
---

diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c
index b80beba4d4..f403105a92 100644
--- a/ext/mysqli/mysqli_api.c
+++ b/ext/mysqli/mysqli_api.c
@@ -753,6 +753,11 @@ PHP_FUNCTION(mysqli_fetch_field_direct)
 
 	MYSQLI_FETCH_RESOURCE(result, MYSQL_RES *, &mysql_result, "mysqli_result"); 
 
+	if (offset < 0 || offset >= mysql_num_fields(result)) {
+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Field offset is invalid for resultset");
+		RETURN_FALSE; 
+	}
+
 	if (!(field = mysql_fetch_field_direct(result,offset))) {
 		RETURN_FALSE;
 	}