Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec)

2024-11-27 11:53:33 +08:00 · 2012-10-09 13:13:51 +08:00 · 2012-10-09 13:13:51 +08:00 · 45e0d452c5
commit 45e0d452c5
parent 5d9fb8ffeb
2 changed files with 5 additions and 1 deletions
--- a/4
+++ b/4
@ -2,6 +2,10 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2012, PHP 5.3.19

+- PDO:
+  . Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
+    (Martin Osvald, Remi)
+
 ?? ??? 2012, PHP 5.3.18

 (NOTE: Add your entries above for 5.3.19, entries for 5.3.18 should only
--- a/ext/pdo_odbc/odbc_driver.c
+++ b/ext/pdo_odbc/odbc_driver.c
@ -114,7 +114,7 @@ void pdo_odbc_error(pdo_dbh_t *dbh, pdo_stmt_t *stmt, PDO_ODBC_HSTMT statement,
 	 * diagnostic records (which can be generated by PRINT statements
 	 * in the query, for instance). */
 	while (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
-		char discard_state[5];
+		char discard_state[6];
 		char discard_buf[1024];
 		SQLINTEGER code;
 		rc = SQLGetDiagRec(htype, eh, recno++, discard_state, &code,