From f7f36b4f3785c35dc842212c4eee71e6aa7b9922 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Fri, 30 May 2003 14:09:21 +0000 Subject: [PATCH] MFH --- NEWS | 1 + ext/mysql/php_mysql.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/NEWS b/NEWS index 5cdc5e269e..0991b8dd62 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,7 @@ PHP 4 NEWS - Added DBA handler 'inifile' to support ini files. (Marcus) - Fixed bug #23897 (Fixed a check for mbfilter_ru.h). (aleks@m2media.ru, Ilia) - Fixed bug #23894 (sprintf() decimal specifiers problem). (Moriyoshi) +- Fixed bug #23888 (Missing input validation for flags parameter) (Ilia) 29 May 2003, Version 4.3.2 - Syncronized bundled GD library with GD 2.0.12. (Ilia) diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c index 14ba53f6c1..1aa6990d16 100644 --- a/ext/mysql/php_mysql.c +++ b/ext/mysql/php_mysql.c @@ -525,6 +525,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_boolean_ex(z_new_link); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); new_link = Z_BVAL_PP(z_new_link); @@ -535,6 +536,7 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_long_ex(z_client_flags); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); client_flags = Z_LVAL_PP(z_client_flags); @@ -547,6 +549,8 @@ static void php_mysql_do_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) } convert_to_string_ex(z_user); convert_to_string_ex(z_passwd); + convert_to_boolean_ex(z_new_link); + convert_to_long_ex(z_client_flags); user = Z_STRVAL_PP(z_user); passwd = Z_STRVAL_PP(z_passwd); new_link = Z_BVAL_PP(z_new_link); -- 2.50.1