Fixed Bug #66043 (Segfault calling bind_param() on mysqli)

Although the doc said it is (unsigned int *), but it is ulong* in the libmysql 5.0 's source codes
2024-11-24 10:24:11 +08:00 · 2013-11-08 15:06:36 +08:00 · 2013-11-08 15:06:36 +08:00 · fd3fa9b53c
commit fd3fa9b53c
parent 224dc52ea9
3 changed files with 29 additions and 1 deletions
--- a/4
+++ b/4
@ -1,6 +1,10 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2013, PHP 5.4.23
+
+- MySQLi:
+  . Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence)
+
 - PDO
  . Fixed bug 65946 (sql_parser permanently converts values bound to strings)

--- a/ext/mysqli/mysqli_api.c
+++ b/ext/mysqli/mysqli_api.c
@ -384,7 +384,7 @@ mysqli_stmt_bind_result_do_bind(MY_STMT *stmt, zval ***args, unsigned int argc,
 				/* Changed to my_bool in MySQL 5.1. See MySQL Bug #16144 */
 				my_bool tmp;
 #else
-				uint tmp = 0;
+				ulong tmp = 0;
 #endif
 				stmt->result.buf[ofs].type = IS_STRING;
 				/*
--- a/ext/mysqli/tests/bug66043.phpt
+++ b/ext/mysqli/tests/bug66043.phpt
@ -0,0 +1,24 @@
+--TEST--
+Bug #66043 (Segfault calling bind_param() on mysqli)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once("connect.inc");
+if ($IS_MYSQLND) {
+    die("skip libmysql only test");
+}
+require_once('skipifconnectfailure.inc');
+?>
+--FILE--
+<?php
+require 'connect.inc';
+$db = new mysqli($host, $user, $passwd, 'mysql');
+
+$stmt = $db->stmt_init();
+$stmt->prepare("SELECT User FROM user WHERE password=\"\"");
+$stmt->execute();
+$stmt->bind_result($testArg);
+echo "Okey";
+?>
+--EXPECTF--
+Okey