From 287d112e72b1fefd561d12d9fd6109acd51a0a22 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Thu, 21 Feb 2008 13:38:12 +0000 Subject: [PATCH] MFB: Fixed bug #44189 (PDO setAttribute() does not properly validate values for native numeric options) --- ext/pdo/pdo_dbh.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/ext/pdo/pdo_dbh.c b/ext/pdo/pdo_dbh.c index 3efb53b167..9642b8324c 100755 --- a/ext/pdo/pdo_dbh.c +++ b/ext/pdo/pdo_dbh.c @@ -675,8 +675,17 @@ static PHP_METHOD(PDO, rollBack) static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value TSRMLS_DC) /* {{{ */ { + +#define PDO_LONG_PARAM_CHECK \ + if (Z_TYPE_P(value) != IS_LONG && Z_TYPE_P(value) != IS_STRING && Z_TYPE_P(value) != IS_BOOL) { \ + pdo_raise_impl_error(dbh, NULL, "HY000", "attribute value must be an integer" TSRMLS_CC); \ + PDO_HANDLE_DBH_ERR(); \ + return FAILURE; \ + } \ + switch (attr) { case PDO_ATTR_ERRMODE: + PDO_LONG_PARAM_CHECK; convert_to_long(value); switch (Z_LVAL_P(value)) { case PDO_ERRMODE_SILENT: @@ -692,6 +701,7 @@ static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value TSRMLS_D return FAILURE; case PDO_ATTR_CASE: + PDO_LONG_PARAM_CHECK; convert_to_long(value); switch (Z_LVAL_P(value)) { case PDO_CASE_NATURAL: @@ -707,6 +717,7 @@ static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value TSRMLS_D return FAILURE; case PDO_ATTR_ORACLE_NULLS: + PDO_LONG_PARAM_CHECK; convert_to_long(value); dbh->oracle_nulls = Z_LVAL_P(value); return SUCCESS; @@ -720,6 +731,8 @@ static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value TSRMLS_D return FAILURE; } } + } else { + PDO_LONG_PARAM_CHECK; } convert_to_long(value); @@ -731,6 +744,7 @@ static int pdo_dbh_attribute_set(pdo_dbh_t *dbh, long attr, zval *value TSRMLS_D return SUCCESS; case PDO_ATTR_STRINGIFY_FETCHES: + PDO_LONG_PARAM_CHECK; convert_to_long(value); dbh->stringify = Z_LVAL_P(value) ? 1 : 0; return SUCCESS; -- 2.40.0