From 248d8527fd011e8d801628155a125fdff0fd821a Mon Sep 17 00:00:00 2001 From: "Thies C. Arntzen" Date: Sun, 22 Oct 2000 19:33:59 +0000 Subject: [PATCH] @- OCIBindByName() now does better parameter-checking. (Thies) --- ext/oci8/oci8.c | 52 ++++++++++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c index c72148723f9..bc7639f2f54 100644 --- a/ext/oci8/oci8.c +++ b/ext/oci8/oci8.c @@ -2456,7 +2456,8 @@ PHP_FUNCTION(ocibindbyname) sb4 value_sz = -1; int ac = ZEND_NUM_ARGS(), inx; - if (ac < 3 || ac > 5 || zend_get_parameters_ex(ac, &stmt, &name, &var, &maxlen, &type) == FAILURE) { WRONG_PARAM_COUNT; + if (ac < 3 || ac > 5 || zend_get_parameters_ex(ac, &stmt, &name, &var, &maxlen, &type) == FAILURE) { + WRONG_PARAM_COUNT; } switch (ac) { @@ -2472,29 +2473,36 @@ PHP_FUNCTION(ocibindbyname) OCI_GET_STMT(statement,stmt); - switch ((*var)->type) { - case IS_OBJECT : - if ((inx = _oci_get_ocidesc(*var,&descr)) == 0) { - RETURN_FALSE; - } + switch (ocitype) { + case SQLT_BFILEE: + case SQLT_CFILEE: + case SQLT_CLOB: + case SQLT_BLOB: + if ((*var)->type != IS_OBJECT) { + php_error(E_WARNING,"Variable must be allocated using OCINewDescriptor()"); + RETURN_FALSE; + } + + if ((inx = _oci_get_ocidesc(*var,&descr)) == 0) { + php_error(E_WARNING,"Variable must be allocated using OCINewDescriptor()"); + RETURN_FALSE; + } - mydescr = (dvoid *) descr->ocidescr; - - if (! mydescr) { - RETURN_FALSE; - } - value_sz = sizeof(void*); - break; - - default: - if (ocitype == SQLT_RSET) { - /* XXX refcursor binding */ - OCI_GET_STMT(bindstmt,var); - - mystmt = bindstmt->pStmt; + if (! (mydescr = (dvoid *) descr->ocidescr)) { + php_error(E_WARNING,"Descriptor empty"); + RETURN_FALSE; + } value_sz = sizeof(void*); - } - break; + break; + + case SQLT_RSET: + OCI_GET_STMT(bindstmt,var); + + if (! (mystmt = bindstmt->pStmt)) { + RETURN_FALSE; + } + value_sz = sizeof(void*); + break; } if ((ocitype == SQLT_CHR) && (value_sz == -1)) {