From: Nikita Popov Date: Mon, 19 Oct 2020 08:22:08 +0000 (+0200) Subject: Check PDOStatement initialization during iteration X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=74fe9170b65740bcdc41c9706ec38c31654c12f6;p=php Check PDOStatement initialization during iteration --- diff --git a/ext/pdo/pdo_stmt.c b/ext/pdo/pdo_stmt.c index 3222a617f0..f8ff90ba9b 100644 --- a/ext/pdo/pdo_stmt.c +++ b/ext/pdo/pdo_stmt.c @@ -2287,15 +2287,18 @@ static const zend_object_iterator_funcs pdo_stmt_iter_funcs = { zend_object_iterator *pdo_stmt_iter_get(zend_class_entry *ce, zval *object, int by_ref) { - pdo_stmt_t *stmt = Z_PDO_STMT_P(object); - struct php_pdo_iterator *I; - if (by_ref) { zend_throw_error(NULL, "An iterator cannot be used with foreach by reference"); return NULL; } - I = ecalloc(1, sizeof(struct php_pdo_iterator)); + pdo_stmt_t *stmt = Z_PDO_STMT_P(object); + if (!stmt->dbh) { + zend_throw_error(NULL, "PDO object is uninitialized"); + return NULL; + } + + struct php_pdo_iterator *I = ecalloc(1, sizeof(struct php_pdo_iterator)); zend_iterator_init(&I->iter); I->iter.funcs = &pdo_stmt_iter_funcs; Z_ADDREF_P(object); diff --git a/ext/pdo/tests/pdo_uninitialized.phpt b/ext/pdo/tests/pdo_uninitialized.phpt new file mode 100644 index 0000000000..4ddfa7558c --- /dev/null +++ b/ext/pdo/tests/pdo_uninitialized.phpt @@ -0,0 +1,39 @@ +--TEST-- +Uninitialized PDO objects +--SKIPIF-- + +--FILE-- +query("foo"); +} catch (Error $e) { + echo $e->getMessage(), "\n"; +} + +$stmt = new MyPDOStatement; +try { + $stmt->fetch(); +} catch (Error $e) { + echo $e->getMessage(), "\n"; +} +$stmt = new MyPDOStatement; +try { + foreach ($stmt as $row) {} +} catch (Error $e) { + echo $e->getMessage(), "\n"; +} + +?> +--EXPECT-- +PDO object is not initialized, constructor was not called +PDO object is uninitialized +PDO object is uninitialized