From 43b0c8adea423292054cbba4703587ff1465e753 Mon Sep 17 00:00:00 2001
From: Ilia Alshanetsky
Date: Mon, 23 Jun 2003 19:30:42 +0000
Subject: [PATCH] Fixed a crash inside sqlite_array_query() when invalid query is specified.
---
 ext/sqlite/sqlite.c | 17 ++++++++++++++---
 ext/sqlite/tests/sqlite_018.phpt | 13 +++++++++++++
 2 files changed, 27 insertions(+), 3 deletions(-)
 create mode 100755 ext/sqlite/tests/sqlite_018.phpt
diff --git a/ext/sqlite/sqlite.c b/ext/sqlite/sqlite.c
index fdc8abf909..fcfded8899 100644
--- a/ext/sqlite/sqlite.c
+++ b/ext/sqlite/sqlite.c
@@ -972,8 +972,11 @@ void sqlite_query(struct php_sqlite_db *db, char *sql, long sql_len, int mode, i
 if (ret != SQLITE_OK) {
 php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", errtext);
 sqlite_freemem(errtext);
-
- RETURN_FALSE;
+ if (return_value) {
+ RETURN_FALSE;
+ } else {
+ return;
+ }
 }
 if (!rres) {
@@ -987,7 +990,11 @@ void sqlite_query(struct php_sqlite_db *db, char *sql, long sql_len, int mode, i
 /* now the result set is ready for stepping: get first row */
 if (php_sqlite_fetch(rres TSRMLS_CC) != SQLITE_OK) {
 real_result_dtor(rres TSRMLS_CC);
- RETURN_FALSE;
+ if (return_value) {
+ RETURN_FALSE;
+ } else {
+ return;
+ }
 }
 rres->curr_row = 0;
@@ -1276,6 +1283,10 @@ PHP_FUNCTION(sqlite_array_query)
 rres = (struct php_sqlite_result *)emalloc(sizeof(*rres));
 sqlite_query(db, sql, sql_len, mode, 0, NULL, rres TSRMLS_CC);
+ if (db->last_err_code != SQLITE_OK) {
+ efree(rres);
+ RETURN_FALSE;
+ }
 array_init(return_value);
diff --git a/ext/sqlite/tests/sqlite_018.phpt b/ext/sqlite/tests/sqlite_018.phpt
new file mode 100755
index 0000000000..bc14bb1c8d
--- /dev/null
+++ b/ext/sqlite/tests/sqlite_018.phpt
@@ -0,0 +1,13 @@
+--TEST--
+sqlite: crash on bad queries inside sqlite_array_query()
+--SKIPIF--
+
+--FILE--
+
+--EXPECTF--
+Warning: sqlite_array_query(): no such table: foobar in %s on line %d
--
2.50.1
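Review bot: The guard `if (return_value) { RETURN_FALSE; } else { return; }` added in the first sqlite_query hunk (@@ -972) is repeated verbatim in the second (@@ -987), and neither copy says why return_value may be NULL. Judging from the call in sqlite_array_query, which passes `NULL` alongside its own rres, a comment above the first copy such as `/* return_value is NULL when the caller supplies rres; failure is then visible only via db->last_err_code */` would state the contract. Folding both copies into one shared failure exit would keep them from drifting apart. sqlite_query's body starts and ends outside both hunks.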
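Review bot: On the fetch-failure path in the second sqlite_query hunk (@@ -987), rres has already been passed to `real_result_dtor()` before the new early `return`, yet the guard added in sqlite_array_query (@@ -1276) calls `efree(rres)` whenever `db->last_err_code != SQLITE_OK`. If real_result_dtor() releases the structure itself and a failed fetch leaves last_err_code set (neither is visible in this patch), the caller's buffer is freed twice. The compile-failure path in the first hunk returns with rres untouched, so the caller cannot tell the two states apart. Either skip the destructor when rres was supplied by the caller, or record the ownership at the call site, e.g. `/* on fetch failure rres was already destroyed by real_result_dtor(); do not efree() it */`. The expected output of the added sqlite_018.phpt (`no such table: foobar`) suggests only the compile-failure case is exercised.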
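Review bot: The new check in sqlite_array_query (@@ -1276) infers failure from `db->last_err_code` instead of from sqlite_query itself, so it is only correct if every early return inside sqlite_query has updated that field first; those assignments lie outside the visible hunks. rres comes from `emalloc()` and is not zeroed here, so a failure path that leaves last_err_code at SQLITE_OK would still fall through to `array_init(return_value)` and read an uninitialised result structure. Letting sqlite_query return its status and testing that directly at the call would remove the dependency on state shared through the db handle. If the signature has to stay `void`, a comment at the check such as `/* sqlite_query() reports failure only through db->last_err_code */` at least makes the assumption explicit.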