Merge branch 'PHP-8.2'

This commit is contained in:
Stanislav Malyshev 2022-12-18 23:21:30 -07:00
commit ec5b872dcd
4 changed files with 37 additions and 3 deletions

View file

@ -1164,7 +1164,7 @@ PHP_METHOD(PDO, query)
PHP_METHOD(PDO, quote) PHP_METHOD(PDO, quote)
{ {
pdo_dbh_t *dbh = Z_PDO_DBH_P(ZEND_THIS); pdo_dbh_t *dbh = Z_PDO_DBH_P(ZEND_THIS);
zend_string *str; zend_string *str, *quoted;
zend_long paramtype = PDO_PARAM_STR; zend_long paramtype = PDO_PARAM_STR;
ZEND_PARSE_PARAMETERS_START(1, 2) ZEND_PARSE_PARAMETERS_START(1, 2)
@ -1180,8 +1180,14 @@ PHP_METHOD(PDO, quote)
pdo_raise_impl_error(dbh, NULL, "IM001", "driver does not support quoting"); pdo_raise_impl_error(dbh, NULL, "IM001", "driver does not support quoting");
RETURN_FALSE; RETURN_FALSE;
} }
quoted = dbh->methods->quoter(dbh, str, paramtype);
RETURN_STR(dbh->methods->quoter(dbh, str, paramtype)); if (quoted == NULL) {
PDO_HANDLE_DBH_ERR();
RETURN_FALSE;
}
RETURN_STR(quoted);
} }
/* }}} */ /* }}} */

View file

@ -242,6 +242,13 @@ safe:
if (buf) { if (buf) {
zend_string_release_ex(buf, 0); zend_string_release_ex(buf, 0);
} }
if (plc->quoted == NULL) {
/* bork */
ret = -1;
strncpy(stmt->error_code, stmt->dbh->error_code, 6);
goto clean_up;
}
} else { } else {
pdo_raise_impl_error(stmt->dbh, stmt, "HY105", "Expected a stream resource"); pdo_raise_impl_error(stmt->dbh, stmt, "HY105", "Expected a stream resource");
ret = -1; ret = -1;

View file

@ -226,7 +226,11 @@ static zend_string *pdo_sqlite_last_insert_id(pdo_dbh_t *dbh, const zend_string
/* NB: doesn't handle binary strings... use prepared stmts for that */ /* NB: doesn't handle binary strings... use prepared stmts for that */
static zend_string* sqlite_handle_quoter(pdo_dbh_t *dbh, const zend_string *unquoted, enum pdo_param_type paramtype) static zend_string* sqlite_handle_quoter(pdo_dbh_t *dbh, const zend_string *unquoted, enum pdo_param_type paramtype)
{ {
char *quoted = safe_emalloc(2, ZSTR_LEN(unquoted), 3); char *quoted;
if (ZSTR_LEN(unquoted) > (INT_MAX - 3) / 2) {
return NULL;
}
quoted = safe_emalloc(2, ZSTR_LEN(unquoted), 3);
/* TODO use %Q format? */ /* TODO use %Q format? */
sqlite3_snprintf(2*ZSTR_LEN(unquoted) + 3, quoted, "'%q'", ZSTR_VAL(unquoted)); sqlite3_snprintf(2*ZSTR_LEN(unquoted) + 3, quoted, "'%q'", ZSTR_VAL(unquoted));
zend_string *quoted_str = zend_string_init(quoted, strlen(quoted), 0); zend_string *quoted_str = zend_string_init(quoted, strlen(quoted), 0);

View file

@ -0,0 +1,17 @@
--TEST--
Bug #81740 (PDO::quote() may return unquoted string)
--SKIPIF--
<?php
if (!extension_loaded('pdo_sqlite')) print 'skip not loaded';
if (getenv("SKIP_SLOW_TESTS")) die("skip slow test");
?>
--INI--
memory_limit=-1
--FILE--
<?php
$pdo = new PDO("sqlite::memory:");
$string = str_repeat("a", 0x80000000);
var_dump($pdo->quote($string));
?>
--EXPECT--
bool(false)