From: Antony Dovgal <tony2001@php.net>
Date: Mon, 5 Jun 2006 07:35:32 +0000 (+0000)
Subject: MFH: fix OCIPasswordChange() parameters (patch by pholdaway at technocom-wireless... 
X-Git-Tag: php-5.2.0RC1~374
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a588f2dc6066930db6574f98666f079cefe278ec;p=php

MFH: fix OCIPasswordChange() parameters (patch by pholdaway at technocom-wireless dot com)
prevent username, password and new password from being empty
---

diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c
index 8e66cac992..30d287d460 100644
--- a/ext/oci8/oci8.c
+++ b/ext/oci8/oci8.c
@@ -1264,7 +1264,7 @@ open:
 
 	if (new_password) {
 		/* try to change password if new one was provided {{{ */
-		OCI_G(errcode) = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, OCI_G(err), (text *)username, username_len+1, (text *)password, password_len+1, (text *)new_password, new_password_len+1, OCI_AUTH));
+		OCI_G(errcode) = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, OCI_G(err), (text *)username, username_len, (text *)password, password_len, (text *)new_password, new_password_len, OCI_AUTH));
 
 		if (OCI_G(errcode) != OCI_SUCCESS) {
 			php_oci_error(OCI_G(err), OCI_G(errcode) TSRMLS_CC);
@@ -1496,7 +1496,7 @@ static int php_oci_connection_close(php_oci_connection *connection TSRMLS_DC)
  Change password for the user with the username given */
 int php_oci_password_change(php_oci_connection *connection, char *user, int user_len, char *pass_old, int pass_old_len, char *pass_new, int pass_new_len TSRMLS_DC)
 {
-	connection->errcode = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, connection->err, (text *)user, user_len+1, (text *)pass_old, pass_old_len+1, (text *)pass_new, pass_new_len+1, OCI_DEFAULT));
+	connection->errcode = PHP_OCI_CALL(OCIPasswordChange, (connection->svc, connection->err, (text *)user, user_len, (text *)pass_old, pass_old_len, (text *)pass_new, pass_new_len, OCI_DEFAULT));
 
 	if (connection->errcode != OCI_SUCCESS) {
 		php_oci_error(connection->err, connection->errcode TSRMLS_CC);
diff --git a/ext/oci8/oci8_interface.c b/ext/oci8/oci8_interface.c
index 51da8c187f..f934b1c52d 100644
--- a/ext/oci8/oci8_interface.c
+++ b/ext/oci8/oci8_interface.c
@@ -1689,12 +1689,38 @@ PHP_FUNCTION(oci_password_change)
 	if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "rsss", &z_connection, &user, &user_len, &pass_old, &pass_old_len, &pass_new, &pass_new_len) == SUCCESS) {
 		PHP_OCI_ZVAL_TO_CONNECTION(z_connection, connection);
 
+		if (!user_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "username cannot be empty");
+			RETURN_FALSE;
+		}
+		if (!pass_old_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "old password cannot be empty");
+			RETURN_FALSE;
+		}
+		if (!pass_new_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "new password cannot be empty");
+			RETURN_FALSE;
+		}
+
 		if (php_oci_password_change(connection, user, user_len, pass_old, pass_old_len, pass_new, pass_new_len TSRMLS_CC)) {
 			RETURN_FALSE;
 		}
 		RETURN_TRUE;
 	} else if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "ssss", &dbname, &dbname_len, &user, &user_len, &pass_old, &pass_old_len, &pass_new, &pass_new_len) == SUCCESS) {
 
+		if (!user_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "username cannot be empty");
+			RETURN_FALSE;
+		}
+		if (!pass_old_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "old password cannot be empty");
+			RETURN_FALSE;
+		}
+		if (!pass_new_len) {
+			php_error_docref(NULL TSRMLS_CC, E_WARNING, "new password cannot be empty");
+			RETURN_FALSE;
+		}
+
 		connection = php_oci_do_connect_ex(user, user_len, pass_old, pass_old_len, pass_new, pass_new_len, dbname, dbname_len, NULL, OCI_DEFAULT, 0, 0 TSRMLS_CC);
 		if (!connection) {
 			RETURN_FALSE;