Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:114021
Return-Path: <tekiela246@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 2664 invoked from network); 11 Apr 2021 15:28:52 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 11 Apr 2021 15:28:52 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 3773C1804C6
	for <internals@lists.php.net>; Sun, 11 Apr 2021 08:29:10 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT,
	FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,
	SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-Virus: No
X-Envelope-From: <tekiela246@gmail.com>
Received: from mail-qk1-f180.google.com (mail-qk1-f180.google.com [209.85.222.180])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun, 11 Apr 2021 08:29:09 -0700 (PDT)
Received: by mail-qk1-f180.google.com with SMTP id c4so10851646qkg.3
        for <internals@lists.php.net>; Sun, 11 Apr 2021 08:29:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=dJfoLxoA9TSqNy4HLWyitoTynts8ZCJDBH7ByUMTsoE=;
        b=TA0Lj68pDQEGCKQKAwNBQ7AjLs2wdPcjO/xDhcC1YtV7Cn12h7AAf7fQ4osdrpUogZ
         JZzP+PWDit3PXSo31r8PYhwx1FA7yd5UmwyT2+E5QUUBVtQwII9079YDhMqOFMdn42ie
         xKIzg9u64fctEbQqTQYzAr19AfOYAnf4jKhFbYGbjWnv3jimPTg0qeJl+EIUga0OXihW
         NkfRIl/djyQMH0elyLj7nxsxsmSNRNzByX6w93RliL9jw2khfXsm2KsnV7iFdLbp/H1X
         qwbftwVFI2PNnj79CVfSkKfmTy9WWPz3InWaHf7fLjFFKyDsRouo9kuZ4+l6/DOgqGl3
         x/EA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=dJfoLxoA9TSqNy4HLWyitoTynts8ZCJDBH7ByUMTsoE=;
        b=JdFn1bDsSaXe6UZBTE37V1FNYO0B+W/lE8lGRxHqNVu90HlqXAmaCAE0BzUeA+yrp/
         sJC9D3V5WkQG483rPi2ZwWj4Xv+fuDG6V1SqyK/4ljGMWl3ztohmY884mZbTFO780fwt
         +TislqWz8mXxTTJPTE8LDdiUZbB0qPFr4hn0hSqRKmQ2JEhqTYM+vUZLb9GY6YY9ZEtz
         ILUjs5nRxw6N4CrLBbSiENjUgfSttgvr7bk5wv5lIosF6bYNAEkfjhvlYIZ+nzGCI5+t
         8pSR2HqlSg3ncqKnrXlMX7wH4FOtmOQ+Emd5/s8eTYMh+naJ+pskd3zViEmhaeO6wv11
         grnw==
X-Gm-Message-State: AOAM5302nBI5vmIdmT29D/0aSQqY371Ic+d1faTKpJLPi3lvGOT45YSz
	g/jO+vEG9nyr3an3yh69s/Gn18xWNhfs5scwcw+hsvxjlbbZoA==
X-Google-Smtp-Source: ABdhPJwk7H9kMCu4KnFEh1u5ZspbaChS3LhdXFIz5mi6jbhh1QlsQfovvMdjwKRpxKhooko1PDgx2CTtETZrkhUyW/8=
X-Received: by 2002:ae9:e50a:: with SMTP id w10mr16740571qkf.342.1618154948176;
 Sun, 11 Apr 2021 08:29:08 -0700 (PDT)
MIME-Version: 1.0
References: <CAP-hcNSGz6WQaCaebLdDm26emTrzxBUpyYvO0MF6anVB8t+=mg@mail.gmail.com>
 <CAGBsUrexRQiCuFbecaGGv_uho9m+QeUfO9+uG4A5z2beyZ1Sog@mail.gmail.com> <CAP-hcNSUWtLfiHc_VcGCPC=uneA8BCE=qNLp6p-S8niP_kmaQA@mail.gmail.com>
In-Reply-To: <CAP-hcNSUWtLfiHc_VcGCPC=uneA8BCE=qNLp6p-S8niP_kmaQA@mail.gmail.com>
Date: Sun, 11 Apr 2021 16:28:57 +0100
Message-ID: <CAGBsUrfhTFuH3Q2ckTwT=z1hZqNTF8eL6kOreSQp1Lb8fHBikg@mail.gmail.com>
To: Sergei Morozov <morozov@tut.by>
Cc: PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000e0ac4905bfb40e42"
Subject: Re: [PHP-DEV] Use MySQL syntax only for parsing MySQL statements in PDO
From: tekiela246@gmail.com (Kamil Tekiela)

--000000000000e0ac4905bfb40e42
Content-Type: text/plain; charset="UTF-8"

> This specific issue doesn't seem to be related to the emulation. As far
as I understand, PDO parses SQL as well in order to replace positional
placeholders and vise versa depending on the input and the target platform
capabilities.

True, PDO has a huge flaw because of its SQL parser. In non-emulation mode
PDO will attempt to only replace named parameters with ?. This leaves a
much smaller vector for bugs. How many people put : in their SQL? With a
context-aware parser, we could minimize this to close to zero.

> I tried running the example on the stock PHP 8.0.3, and regardless of the
emulation mode and NO_BACKSLASH_ESCAPES mode I saw the same error:

I don't think this is possible. I executed it with PHP 8.0.3 and it only
fails in emulation mode.

> With my patch, I don't expect to see any changes in parsing MySQL queries
so I don't understand how it's relevant. Am I missing something?

Which is kind of my point. You are attempting to fix a small issue in
another driver while the MySQL parser is already broken with similar bugs.
If we are going to have diverging parsers then they should be entirely
split up. Keeping a single parser will lead to more bugs. If we try to
patch like this then it will soon get out of hand.

--000000000000e0ac4905bfb40e42--