1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
diff -up ext/mysqli/mysqli_api.c.orig ext/mysqli/mysqli_api.c
--- ext/mysqli/mysqli_api.c.orig 2014-02-05 11:00:36.000000000 +0100
+++ ext/mysqli/mysqli_api.c 2014-02-25 08:16:43.597710792 +0100
@@ -1869,6 +1869,10 @@ PHP_FUNCTION(mysqli_prepare)
efree(stmt);
RETURN_FALSE;
}
+#ifndef MYSQLI_USE_MYSQLND
+ stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
+ zend_objects_store_add_ref_by_handle(stmt->link_handle TSRMLS_CC);
+#endif
mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
mysqli_resource->ptr = (void *)stmt;
@@ -2413,6 +2417,10 @@ PHP_FUNCTION(mysqli_stmt_init)
efree(stmt);
RETURN_FALSE;
}
+#ifndef MYSQLI_USE_MYSQLND
+ stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
+ zend_objects_store_add_ref_by_handle(stmt->link_handle TSRMLS_CC);
+#endif
mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
mysqli_resource->status = MYSQLI_STATUS_INITIALIZED;
diff -up ext/mysqli/mysqli.c.orig ext/mysqli/mysqli.c
--- ext/mysqli/mysqli.c.orig 2014-02-05 11:00:36.000000000 +0100
+++ ext/mysqli/mysqli.c 2014-02-25 08:21:37.336860837 +0100
@@ -176,8 +176,11 @@ void php_clear_stmt_bind(MY_STMT *stmt T
php_free_stmt_bind_buffer(stmt->param, FETCH_SIMPLE);
/* Clean output bind */
php_free_stmt_bind_buffer(stmt->result, FETCH_RESULT);
-#endif
+ if (stmt->link_handle) {
+ zend_objects_store_del_ref_by_handle(stmt->link_handle TSRMLS_CC);
+ }
+#endif
if (stmt->query) {
efree(stmt->query);
}
@@ -1069,6 +1072,10 @@ PHP_FUNCTION(mysqli_stmt_construct)
efree(stmt);
RETURN_FALSE;
}
+#ifndef MYSQLI_USE_MYSQLND
+ stmt->link_handle = Z_OBJ_HANDLE(*mysql_link);
+ zend_objects_store_add_ref_by_handle(stmt->link_handle TSRMLS_CC);
+#endif
mysqli_resource = (MYSQLI_RESOURCE *)ecalloc (1, sizeof(MYSQLI_RESOURCE));
mysqli_resource->ptr = (void *)stmt;
diff -up ext/mysqli/php_mysqli_structs.h.orig ext/mysqli/php_mysqli_structs.h
--- ext/mysqli/php_mysqli_structs.h.orig 2014-02-05 11:00:36.000000000 +0100
+++ ext/mysqli/php_mysqli_structs.h 2014-02-25 08:16:43.598710795 +0100
@@ -116,6 +116,10 @@ typedef struct {
BIND_BUFFER param;
BIND_BUFFER result;
char *query;
+#ifndef MYSQLI_USE_MYSQLND
+ /* used to manage refcount with libmysql (already implement in mysqlnd) */
+ zend_object_handle link_handle;
+#endif
} MY_STMT;
typedef struct {
diff -up ext/mysqli/tests/bug66762.phpt.orig ext/mysqli/tests/bug66762.phpt
--- ext/mysqli/tests/bug66762.phpt.orig 2014-02-25 08:16:17.118619251 +0100
+++ ext/mysqli/tests/bug66762.phpt 2014-02-25 08:31:33.252385139 +0100
@@ -0,0 +1,26 @@
+--TEST--
+Bug #66762 mysqli@libmysql segfault in mysqli_stmt::bind_result() when link closed
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once('skipifconnectfailure.inc');
+?>
+--FILE--
+<?php
+ require_once("connect.inc");
+
+ $mysqli = new mysqli($host, $user, $passwd, $db);
+
+ $read_stmt = $mysqli->prepare("SELECT 1");
+
+ var_dump($read_stmt->bind_result($data));
+
+ unset($mysqli);
+ var_dump($read_stmt->bind_result($data));
+
+?>
+done!
+--EXPECT--
+bool(true)
+bool(true)
+done!
\ Pas de fin de ligne à la fin du fichier
|
