From 23a3bbb468adb611150a51fe82f8e5a22fbfae5c Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Tue, 11 May 2021 14:40:00 +0200
Subject: [PATCH] Fix #44643: bound parameters ignore explicit type definitions

If `SQLDescribeParam()` fails for a parameter, we must not assume
`SQL_LONGVARCHAR` for any param which is not `PDO_PARAM_LOB`.  At least
mapping `PDO_PARAM_INT` to `SQL_INTEGER` should be safe, and not
introduce a BC break.

Closes GH-6973.
---
 NEWS                             |  3 +++
 ext/pdo_odbc/odbc_stmt.c         | 13 ++++++++++---
 ext/pdo_odbc/tests/bug44643.phpt | 22 ++++++++++++++++++++++
 3 files changed, 35 insertions(+), 3 deletions(-)
 create mode 100644 ext/pdo_odbc/tests/bug44643.phpt

diff --git a/NEWS b/NEWS
index faf0d3dc002..8753ab57f6a 100644
--- a/NEWS
+++ b/NEWS
@@ -24,6 +24,9 @@ PHP                                                                        NEWS
 - ODBC:
   . Fixed bug #80460 (ODBC doesn't account for SQL_NO_TOTAL indicator). (cmb)
 
+- PDO_ODBC:
+  . Fixed bug #44643 (bound parameters ignore explicit type definitions). (cmb)
+
 - PDO_pgsql:
   . Reverted bug fix for #80892 (PDO::PARAM_INT is treated the same as
     PDO::PARAM_STR). (Matteo)
diff --git a/ext/pdo_odbc/odbc_stmt.c b/ext/pdo_odbc/odbc_stmt.c
index 368648c36ae..b1307be5433 100644
--- a/ext/pdo_odbc/odbc_stmt.c
+++ b/ext/pdo_odbc/odbc_stmt.c
@@ -323,9 +323,16 @@ static int odbc_stmt_param_hook(pdo_stmt_t *stmt, struct pdo_bound_param_data *p
 				if (rc != SQL_SUCCESS && rc != SQL_SUCCESS_WITH_INFO) {
 					/* MS Access, for instance, doesn't support SQLDescribeParam,
 					 * so we need to guess */
-					sqltype = PDO_PARAM_TYPE(param->param_type) == PDO_PARAM_LOB ?
-									SQL_LONGVARBINARY :
-									SQL_LONGVARCHAR;
+					switch (PDO_PARAM_TYPE(param->param_type)) {
+						case PDO_PARAM_INT:
+							sqltype = SQL_INTEGER;
+							break;
+						case PDO_PARAM_LOB:
+							sqltype = SQL_LONGVARBINARY;
+							break;
+						default:
+							sqltype = SQL_LONGVARCHAR;
+					}
 					precision = 4000;
 					scale = 5;
 					nullable = 1;
diff --git a/ext/pdo_odbc/tests/bug44643.phpt b/ext/pdo_odbc/tests/bug44643.phpt
new file mode 100644
index 00000000000..eb96af8ba5b
--- /dev/null
+++ b/ext/pdo_odbc/tests/bug44643.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Bug #44643 (bound parameters ignore explicit type definitions)
+--SKIPIF--
+<?php
+if (!extension_loaded('pdo_odbc')) die('skip pdo_odbc extension not available');
+require 'ext/pdo/tests/pdo_test.inc';
+PDOTest::skip();
+?>
+--FILE--
+<?php
+require 'ext/pdo/tests/pdo_test.inc';
+$db = PDOTest::test_factory(dirname(__FILE__) . '/common.phpt');
+$sql = "SELECT * FROM (SELECT 'test' = :id1) a WHERE a.test = :id2";
+$stmt = $db->prepare($sql);
+$id1 = 1;
+$stmt->bindParam(':id1', $id1, PDO::PARAM_INT);
+$id2 = 1;
+$stmt->bindParam(':id2', $id2, PDO::PARAM_INT);
+var_dump($stmt->execute());
+?>
+--EXPECT--
+bool(true)