From d73d4e486cd22e81fc68aa4f56cea502157fab70 Mon Sep 17 00:00:00 2001 From: Felipe Pena Date: Sun, 7 Nov 2010 18:13:53 +0000 Subject: [PATCH] - Fixed bug #52512 (Broken error handling in odbc_execute) patch by: mkoegler at auto dot tuwien dot ac dot at --- ext/odbc/php_odbc.c | 45 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c index ac8564a573..4c4ae11e44 100644 --- a/ext/odbc/php_odbc.c +++ b/ext/odbc/php_odbc.c @@ -1262,11 +1262,19 @@ PHP_FUNCTION(odbc_execute) zend_hash_internal_pointer_reset(Z_ARRVAL_P(pv_param_arr)); params = (params_t *)safe_emalloc(sizeof(params_t), result->numparams, 0); + for(i = 0; i < result->numparams; i++) { + params[i].fp = -1; + } for(i = 1; i <= result->numparams; i++) { if (zend_hash_get_current_data(Z_ARRVAL_P(pv_param_arr), (void **) &tmp) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Error getting parameter"); SQLFreeStmt(result->stmt,SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } @@ -1276,13 +1284,29 @@ PHP_FUNCTION(odbc_execute) if (Z_TYPE_PP(tmp) != IS_STRING) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Error converting parameter"); SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } - SQLDescribeParam(result->stmt, (SQLUSMALLINT)i, &sqltype, &precision, &scale, &nullable); + rc = SQLDescribeParam(result->stmt, (SQLUSMALLINT)i, &sqltype, &precision, &scale, &nullable); params[i-1].vallen = Z_STRLEN_PP(tmp); params[i-1].fp = -1; + if (rc == SQL_ERROR) { + odbc_sql_error(result->conn_ptr, result->stmt, "SQLDescribeParameter"); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } + efree(params); + RETURN_FALSE; + } if (IS_SQL_BINARY(sqltype)) { ctype = SQL_C_BINARY; @@ -1299,6 +1323,12 @@ PHP_FUNCTION(odbc_execute) /* Check the basedir */ if (php_check_open_basedir(filename TSRMLS_CC)) { efree(filename); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } efree(params); RETURN_FALSE; } @@ -1306,7 +1336,7 @@ PHP_FUNCTION(odbc_execute) if ((params[i-1].fp = open(filename,O_RDONLY)) == -1) { php_error_docref(NULL TSRMLS_CC, E_WARNING,"Can't open file %s", filename); SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); - for(i = 0; i < result->numparams; i++) { + for (i = 0; i < result->numparams; i++) { if (params[i].fp != -1) { close(params[i].fp); } @@ -1337,6 +1367,17 @@ PHP_FUNCTION(odbc_execute) Z_STRVAL_PP(tmp), 0, ¶ms[i-1].vallen); } + if (rc == SQL_ERROR) { + odbc_sql_error(result->conn_ptr, result->stmt, "SQLBindParameter"); + SQLFreeStmt(result->stmt, SQL_RESET_PARAMS); + for (i = 0; i < result->numparams; i++) { + if (params[i].fp != -1) { + close(params[i].fp); + } + } + efree(params); + RETURN_FALSE; + } zend_hash_move_forward(Z_ARRVAL_P(pv_param_arr)); } } -- 2.40.0