Dialect 1 databases store and transfer `NUMERIC(15,2)` values as
doubles, which we need to cater to in `firebird_stmt_get_col()` to
avoid `ZEND_ASSUME(0)` to ever be triggered, since that may result
in undefined behavior.
Since adding a regression test would require to create a dialect 1
database, we go without it.
Closes GH-10021.
For columns of type `SQL_TEXT`, Firebird does not properly report the
actual column length, but rather only the maximum column length, so for
multi-byte encodings like UTF-8, such columns may have trailing
spaces. We work around that by treating such columns as `SQL_VARYING`
when we ask the server to describe the colum, what yields the desired
results.
Given that this is a work-around, and may break code which expects the
results with trailing spaces, we target "master" only.
Closes GH-8926.
On x86_64 glibc memrchr() uses SSE/AVX CPU extensions and works much
faster then naive loop. On x86 32-bit we still use inlined version.
memrchr() is a GNU extension. Its prototype becomes available when
<string.h> is included with defined _GNU_SOURCE macro. Previously, we
defined it in "php_config.h", but some sources may include <string.h>
befire it. To avod mess we also pass -D_GNU_SOURCE to C compiler.
* PHP-8.0:
Update NEWS
Fix#76448: Stack buffer overflow in firebird_info_cb
Fix#76449: SIGSEGV in firebird_handle_doer
Fix#76450: SIGSEGV in firebird_stmt_execute
Fix#76452: Crash while parsing blob data in firebird_fetch_blob
Fix#81122: SSRF bypass in FILTER_VALIDATE_URL
* PHP-7.4:
Update NEWS
Fix#76448: Stack buffer overflow in firebird_info_cb
Fix#76449: SIGSEGV in firebird_handle_doer
Fix#76450: SIGSEGV in firebird_stmt_execute
Fix#76452: Crash while parsing blob data in firebird_fetch_blob
Fix#81122: SSRF bypass in FILTER_VALIDATE_URL
* PHP-7.3:
Update NEWS
Fix#76448: Stack buffer overflow in firebird_info_cb
Fix#76449: SIGSEGV in firebird_handle_doer
Fix#76450: SIGSEGV in firebird_stmt_execute
Fix#76452: Crash while parsing blob data in firebird_fetch_blob
Fix#81122: SSRF bypass in FILTER_VALIDATE_URL
We need to verify that the `result_size` is not larger than our buffer,
and also should make sure that the `len` which is passed to
`isc_vax_integer()` has a permissible value; otherwise we bail out.
We need to verify that the `result_size` is not larger than our buffer,
and also should make sure that the `len` which is passed to
`isc_vax_integer()` has a permissible value; otherwise we bail out.
The tests leak memory, likely due to a slightly unclean shutdown of
libfbclient. To avoid failing CI, we disable LSan for all the tests.
Closes GH-6966.
This is meant to test against certain fixed responses of Firebird
servers. For now we add just a most basic test which verifies a
connection attempt.
Closes GH-6940.
1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |
We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.
Of course, zend_bool is retained as an alias.
Instead of requiring the type to be determined in advance by the
describer function and then requiring get_col to return a buffer
of appropriate type, allow get_col to return an arbitrary zval.
See UPGRADING.INTERNALS for a more detailed description of the
change.
This makes the result fetching simpler, more efficient and more
flexible. The general possibility already existed via the special
PDO_PARAM_ZVAL type, but the usage was very inconvenient and/or
inefficient. Now it's possible to easily implement behavior like
"return int if it fits, otherwise string" and to avoid any kind
of complex management of temporary buffers.
This also fixes bug #40913 (our second highest voted bug of all
time, for some reason). PARAM_LOB result bindings will now
consistently return a stream resource, independently of the used
database driver.
I've tried my best to update all PDO drivers for this change, but
some of the changes may be broken, as I cannot test or even build
some of these drivers (in particular PDO dblib and PDO oci).
Fixes are appreciated -- a working CI setup would be even more
appreciated ;)
Firebird does not have "if exists", and the switch to exception
error mode broke the suppressed exec calls.
Firebird does have a "recreate table" command that effective
perform a "drop table if exists" beforehand.
