If both the driver object and statement end up in the GC buffer and are
freed by the GC, then the destruction order is not deterministic and it
is possible that the driver object is freed before the statement. In
that case, accessing S->H will cause a UAF. As the resources are already
released we simply skip the destruction if the driver object is already
destroyed.
For Clang, we just need to define the respective macros, since these
built-ins are available in all supported Clang versions (>= 4.0.0,
currently)[1].
For MSVC (and possibly other compilers) we use the respective APIs of
intsafe.h[2] which are available as of Windows 7/Server 2008 R2.
This avoids the UB due to signed integer overflow that may happen with
our fallback implementations.
We also drop the superfluous SHORT_MAX definition from pdo_firebird.
This shouldn't be defined unconditionally, but since it is apparently
unused, we remove it altogether.
[1] <https://releases.llvm.org/4.0.0/tools/clang/docs/LanguageExtensions.html>
[2] <https://learn.microsoft.com/en-us/windows/win32/api/intsafe/>
A label should be followed by a statement and not a declaration, else old gcc gives the following error: a label can only be part of a statement and a declaration is not a statement
To fix this we wrap the code in the switch case block in braces.
Co-authored-by: =?UTF-8?q?=E6=AD=A6=E7=94=B0=20=E6=86=B2=E5=A4=AA=E9=83=8E?= <takeda@youmind.jp>
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
The respective code had been introduced 20 years ago, and we can assume
that the function is available at least of Firebird 3.0, what we
require anyway.
These tests are failing because the integers are too large to be cast
to a PHP int. We fix this by expecting either an int or a string.
Closes GH-16278.
A common convention is to name internal C header files as `*_int.h`.
Since a couple of these are actually installed, we add comments that
this is not supposed to happen, (a) to avoid installing further
internal headers, and (b) to pave the way to fix this in the next major
PHP version.
Somewhat special is php_gmp_int.h, where "int" is meant as abbreviation
for "interface".
Another common convention is appending `_priv` or `_private`, but since
there have not been any issues regarding these headers so far, we
refrain from adding respective comments to these headers.
Anyhow, it might be a good idea to introduce some common naming
convention for such internal/private headers.
When FB_API_VER equals to 30, for example, on Ubuntu, there is this
warning thrown with certain compiler configurations:
/php-src/ext/pdo_firebird/pdo_firebird_utils.cpp:21:13: warning:
‘void fb_copy_status(const ISC_STATUS*, ISC_STATUS*, size_t)’
defined but not used [-Wunused-function]
21 | static void fb_copy_status(const ISC_STATUS* from, ISC_STATUS* to, size_t maxLength)
| ^~~~~~~~~~~~~~
Since we're requiring fbclient >= 3.0 anyway, we:
* Remove unneeded `#if FB_API_VER >= 25`, `#if FB_API_VER >= 30`,
`#ifdef SQL_BOOLEAN`
* Simplify support for new types for query input parameters.
Support force_null for them.
* fbclient 3.0+ does not have a limit on the length of a SQL query of 64 KB.
The new limit is 10 MB, no one in their right mind would transmit a query of such length.
Currently, internal classes are registered with the following code:
INIT_CLASS_ENTRY(ce, "InternalClass", class_InternalClass_methods);
class_entry = zend_register_internal_class_ex(&ce, NULL);
class_entry->ce_flags |= ...;
This has worked well so far, except if InternalClass is readonly. It is because some inheritance checks are run by zend_register_internal_class_ex before ZEND_ACC_READONLY_CLASS is added to ce_flags.
The issue is fixed by adding a zend_register_internal_class_with_flags() zend API function that stubs can use from now on. This function makes sure to add the flags before running any checks. Since the new API is not available in lower PHP versions, gen_stub.php has to keep support for the existing API for PHP 8.3 and below.
We
* Document the fbclient 3.0+ version requirement
* Windows: check existence of Interface.h
Since we now require fbclient (3.0), we can drop support for the
Interbase gds32_ms.lib right away.
* POSIX: check for minimum required libfbclient version with fb_config
* POSIX: check for `fb_get_master_interface()`
The existence of `isc_detach_database` is implied by this.
* POSIX: remove detection of unsupported or even wrong libraries
libgds is for old Interbase which is incompatible with pdo_firebird for
may years, and libib_util is a utitity library, not a replacement for
libfbclient.
Co-authored-by: Peter Kokot <peterkokot@gmail.com>
Follow-up of GH-15230:
- Redundant variables removed
- Redundant duplicate middle newlines removed
- PHP_CXX_COMPILE_STDCXX macro arguments quoted
- When extension is built as shared the PHP_ADD_SOURCES works
differently, and PHP_ADD_SOURCES_X needs to be used so this can be
used:
./configure --with-pdo-firebird=shared
As a follow-up to the commit which introduced support for Firebird 4.0+
data types[1], we add support for formats for types with time zones.
Since this uses the newer Firebird C++ API, pdo_firebird now requires a
C++ compiler to be built.
[1] <https://github.com/php/php-src/pull/14897>
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
Closes GH-15230.
Using a newer fbclient version with an older server is generally
supported, and as such we must not only skip these tests for older
fbclients, but also for older servers.
In lack of some readily available function, we're querying the server
to find its version.
Follow-up of GH-15344 (687eb9125a)
This removes the customized error messages in PDO extensions when PDO is
not enabled (--disable-all or --disable-pdo) in favor of the default
error done by PHP_ADD_EXTENSION_DEP.
This replaces the AC_MSG_ERROR with AC_MSG_FAILURE, where appropriate.
The AC_MSG_ERROR outputs given message and exits the configure step. The
AC_MSG_FAILURE does the same but also automatically outputs additional
message "See 'config.log' for more details." which might help directing
the user where to look further.
The AC_MSG_ERROR is used for errors where current test step isn't logged
in the config.log and wouldn't make sense, and AC_MSG_FAILURE is mostly
used in cases of library checks, compilation tests, headers checked with
AC_CHECK_HEADER* and similar tests that are also logged in the
config.log.
AC_MSG_ERROR([Sanity check failed.]) output:
```
configure: error: Sanity check failed.
```
AC_MSG_FAILURE([Sanity check failed.]) output:
```
configure: error: in '/path/to/php-src':
configure: error: Sanity check failed.
See 'config.log' for more details
```
