From: Ilia Alshanetsky Date: Fri, 30 May 2003 14:09:21 +0000 (+0000) Subject: MFH X-Git-Tag: BEFORE_FD_REAPPLY~13 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f7f36b4f3785c35dc842212c4eee71e6aa7b9922;p=php MFH --- diff --git a/NEWS b/NEWS index 5cdc5e269e..0991b8dd62 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,7 @@ PHP 4 NEWS - Added DBA handler 'inifile' to support ini files. (Marcus) - Fixed bug #23897 (Fixed a check for mbfilter_ru.h). (aleks@m2media.ru, Ilia) - Fixed bug #23894 (sprintf() decimal specifiers problem). (Moriyoshi) +- Fixed bug #23888 (Missing input validation for flags parameter) (Ilia) 29 May 2003, Version 4.3.2 - Syncronized bundled GD library with GD 2.0.12. (Ilia) diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c index 14ba53f6c1..1aa6990d16 100644 --- a/ext/mysql/php_mysql.c +++ b/ext/mysql/php_mysql.c @@ -525,6 +525,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_boolean_ex(z_new_link); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); new_link = Z_BVAL_PP(z_new_link); @@ -535,6 +536,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_long_ex(z_client_flags); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); client_flags = Z_LVAL_PP(z_client_flags); @@ -547,6 +549,8 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_boolean_ex(z_new_link); + convert_to_long_ex(z_client_flags); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); new_link = Z_BVAL_PP(z_new_link);