From bfcc12ef78988dabb04acf7ce36f3ba436cc7bbe Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Fri, 7 May 2004 15:11:07 +0000 Subject: [PATCH] Fix unregistered bug in zval pointer/array juggling # Thinko: element of a **zval[] is usually not a *zval[] # I can't believe this has gone undetected for 4+ years! --- ext/interbase/ibase_query.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/ext/interbase/ibase_query.c b/ext/interbase/ibase_query.c index 9930040e2f3..68abf99c463 100644 --- a/ext/interbase/ibase_query.c +++ b/ext/interbase/ibase_query.c @@ -603,14 +603,14 @@ static int _php_ibase_bind_array(zval *val, char *buf, unsigned long buf_size, / } /* }}} */ -static int _php_ibase_bind(XSQLDA *sqlda, zval **b_vars, BIND_BUF *buf, /* {{{ */ +static int _php_ibase_bind(XSQLDA *sqlda, zval ***b_vars, BIND_BUF *buf, /* {{{ */ ibase_query *ib_query TSRMLS_DC) { int i, array_cnt = 0, rv = SUCCESS; for (i = 0; i < sqlda->sqld; ++i) { /* bound vars */ - zval *b_var = b_vars[i]; + zval *b_var = *b_vars[i]; XSQLVAR *var = &sqlda->sqlvar[i]; var->sqlind = &buf[i].sqlind; @@ -881,19 +881,19 @@ static void _php_ibase_alloc_xsqlda(XSQLDA *sqlda) /* {{{ */ /* }}} */ static int _php_ibase_exec(INTERNAL_FUNCTION_PARAMETERS, ibase_result **ib_resultp, /* {{{ */ - ibase_query *ib_query, int argc, zval **args) + ibase_query *ib_query, int argc, zval ***args) { XSQLDA *in_sqlda = NULL, *out_sqlda = NULL; BIND_BUF *bind_buf = NULL; - int rv = FAILURE; + int i, rv = FAILURE; static char info_count[] = { isc_info_sql_records }; char result[64]; ISC_STATUS isc_result; RESET_ERRMSG; - if (argc > 0 && args != NULL) { - SEPARATE_ZVAL(args); + for (i = 0; i < argc; ++i) { + SEPARATE_ZVAL(args[i]); } switch (ib_query->statement_type) { @@ -1072,7 +1072,7 @@ _php_ibase_exec_error: Execute a query */ PHP_FUNCTION(ibase_query) { - zval ***args, **bind_args = NULL; + zval ***args, ***bind_args = NULL; int i, bind_n = 0, trans_res_id = 0; ibase_db_link *ib_link = NULL; ibase_trans *trans = NULL; @@ -1186,7 +1186,7 @@ PHP_FUNCTION(ibase_query) if (ZEND_NUM_ARGS() > i) { /* have variables to bind */ bind_n = ZEND_NUM_ARGS() - i; - bind_args = args[i]; + bind_args = &args[i]; } /* open default transaction */ @@ -1830,7 +1830,7 @@ PHP_FUNCTION(ibase_prepare) Execute a previously prepared query */ PHP_FUNCTION(ibase_execute) { - zval ***args, **bind_args = NULL; + zval ***args, ***bind_args = NULL; ibase_query *ib_query; ibase_result *result = NULL; @@ -1850,7 +1850,7 @@ PHP_FUNCTION(ibase_execute) ZEND_FETCH_RESOURCE(ib_query, ibase_query *, args[0], -1, "InterBase query", le_query); if (ZEND_NUM_ARGS() > 1) { /* have variables to bind */ - bind_args = args[1]; + bind_args = &args[1]; } /* Have we used this cursor before and it's still open (exec proc has no cursor) ? */