Hi,
I am attaching here a patch for this bug.
Please review it.
-------- Original Message --------
Subject: bug in odbc extension http://bugs.php.net/bug.php?id=37527
Date: Tue, 18 Sep 2007 15:29:23 +0200
From: Alexandra S. alexandra@zend.com
To: internals@lists.php.net
Hi,
I have been trying to work on this bug. The problem here is in this
scenario:
-
odbc connection is established.
-
odbc connection is closed.
-
trying to do a request (example: odbc_exec) to the database using the
closed connection -> crash.
As far as I can understand from reading the odbc_exec() function,
ZEND_FETCH_RESOURCE2 should return false,, so we do not advance to the
SQLAllocStmt call that crashes.
I checked with php 5.2.4 on both Linux and Windows and
ZEND_FETCH_RESOURCE2 does not return false.
The reason for it is in the odbc_close function -
for(i = 1; i < nument; i++){
ptr = zend_list_find(i, &type);
if(ptr && (type == le_result)){
res = (odbc_result *)ptr;
if(res->conn_ptr == conn){
zend_list_delete(i);
}
}
}
Here only the previous statements of this connection are deleted and
not the connection itself.
In the odbc_close_all function all the statements are deleted, and then
all the connections.
I suggest to add the deletion of the connection itself to the odbc_close
function - so the ZEND_FETCH_RESOURCE2 check will actually work. The
situation now is that check do not work and we try all the time to call
SQL actions with no existent connections.
Example for possible solution:
for(i = 1; i < nument; i++){
ptr = zend_list_find(i, &type);
if(ptr && (type == le_result)){
res = (odbc_result *)ptr;
if(res->conn_ptr == conn){
zend_list_delete(i);
}
}
if(ptr && (type == (is_pconn?le_pconn:le_conn))){
res = (odbc_result *)ptr;
if(res == conn){
zend_list_delete(i);
}
}
}
Alexandra Shpindovsky
Hi Alexandra,
I'm not sure in tis patch.
It does the same as double calling to zend_list_delete(Z_LVAL_PP(pv_conn));
Also your fix may cause deletion of connection (le_conn) before deletion of
related results (le_result).
Is it allowed?
Thanks. Dmitry.
-----Original Message-----
From: Alexandra S. [mailto:alexandra@zend.com]
Sent: Sunday, September 23, 2007 1:59 PM
To: internals@lists.php.net
Subject: [PHP-DEV] [Fwd: bug in odbc extension
http://bugs.php.net/bug.php?id=37527]Hi,
I am attaching here a patch for this bug.
Please review it.-------- Original Message --------
Subject: bug in odbc extension
http://bugs.php.net/bug.php?id=37527
Date: Tue, 18 Sep 2007 15:29:23 +0200
From: Alexandra S. alexandra@zend.com
To: internals@lists.php.netHi,
I have been trying to work on this bug. The problem here is in this
scenario:
odbc connection is established.
odbc connection is closed.
trying to do a request (example: odbc_exec) to the
database using the
closed connection -> crash.As far as I can understand from reading the odbc_exec() function,
ZEND_FETCH_RESOURCE2 should return false,, so we do not
advance to the
SQLAllocStmt call that crashes.I checked with php 5.2.4 on both Linux and Windows and
ZEND_FETCH_RESOURCE2 does not return false.The reason for it is in the odbc_close function -
for(i = 1; i < nument; i++){
ptr = zend_list_find(i, &type); if(ptr && (type == le_result)){ res = (odbc_result *)ptr; if(res->conn_ptr == conn){ zend_list_delete(i); } }}
Here only the previous statements of this connection are deleted and
not the connection itself.In the odbc_close_all function all the statements are
deleted, and then
all the connections.I suggest to add the deletion of the connection itself to the
odbc_close
function - so the ZEND_FETCH_RESOURCE2 check will actually work. The
situation now is that check do not work and we try all the
time to call
SQL actions with no existent connections.Example for possible solution:
for(i = 1; i < nument; i++){
ptr = zend_list_find(i, &type); if(ptr && (type == le_result)){ res = (odbc_result *)ptr; if(res->conn_ptr == conn){ zend_list_delete(i); } } if(ptr && (type == (is_pconn?le_pconn:le_conn))){ res = (odbc_result *)ptr; if(res == conn){ zend_list_delete(i); } }}
Alexandra Shpindovsky