From: Andrey Hristov <andrey@php.net>
Date: Tue, 27 Apr 2010 08:45:23 +0000 (+0000)
Subject: Test case for the buffer overflow in mysqlnd_change_user
X-Git-Tag: php-5.4.0alpha1~191^2~1640
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a00f8f4ea7a3ec9430cd1d76cd647e034fa01736;p=php

Test case for the buffer overflow in mysqlnd_change_user
---

diff --git a/ext/mysqli/tests/mysqli_change_user.phpt b/ext/mysqli/tests/mysqli_change_user.phpt
index b699229ceb..a9b8ae7ade 100644
--- a/ext/mysqli/tests/mysqli_change_user.phpt
+++ b/ext/mysqli/tests/mysqli_change_user.phpt
@@ -73,8 +73,18 @@ require_once('skipifconnectfailure.inc');
 
 	mysqli_close($link);
 
+	if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) {
+		printf("[020] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n",
+			$host, $user, $db, $port, $socket);
+	}
+
+	if (false !== ($tmp = mysqli_change_user($link, str_repeat('user', 16384), str_repeat('pass', 16384), str_repeat('dbase', 16384))))
+		printf("[021] Expecting false, got %s/%s\n", gettype($tmp), $tmp);
+
+	mysqli_close($link);
+
 	if (NULL !== ($tmp = @mysqli_change_user($link, $user, $passwd, $db)))
-		printf("[020] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp);
+		printf("[022] Expecting NULL, got %s/%s\n", gettype($tmp), $tmp);
 
 	print "done!";
 ?>