summaryrefslogtreecommitdiff
path: root/ext/mssql/php_mssql.c
diff options
context:
space:
mode:
authorKalle Sommer Nielsen <kalle@php.net>2016-08-06 10:17:49 +0200
committerKalle Sommer Nielsen <kalle@php.net>2016-08-06 10:17:49 +0200
commit5e2b8349b4ee7df1aa70deb4351f4f0d5c3d8a84 (patch)
treeece783b023e300dcf66b1279d1676bb279de743d /ext/mssql/php_mssql.c
parent65056e9d6c74adef89332080b5458fd4850fb3b7 (diff)
downloadphp-git-5e2b8349b4ee7df1aa70deb4351f4f0d5c3d8a84.tar.gz
Check the return value of dbconvert() in mssql_guid_string(), as it may return -1 in case the conversion failed. In that case false is returned.
Also initialize buffer and buffer2 to NULL, which should fix bug #72039 (Use of uninitialised value on mssql_guid_string). This only applies to 5.6, as we do not have mssql in 7.0 anymore
Diffstat (limited to 'ext/mssql/php_mssql.c')
-rw-r--r--ext/mssql/php_mssql.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/ext/mssql/php_mssql.c b/ext/mssql/php_mssql.c
index aa1ea54604..20ac190e0a 100644
--- a/ext/mssql/php_mssql.c
+++ b/ext/mssql/php_mssql.c
@@ -2235,21 +2235,24 @@ PHP_FUNCTION(mssql_guid_string)
char *binary;
int binary_len;
zend_bool sf = 0;
- char buffer[32+1];
- char buffer2[36+1];
+ char buffer[32+1] = NULL;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|b", &binary, &binary_len, &sf) == FAILURE) {
return;
}
- dbconvert(NULL, SQLBINARY, (BYTE*) binary, MIN(16, binary_len), SQLCHAR, buffer, -1);
+ if (dbconvert(NULL, SQLBINARY, (BYTE*) binary, MIN(16, binary_len), SQLCHAR, buffer, (DBINT) -1) == -1) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "could not convert binary string to GUID string");
+ RETURN_FALSE;
+ }
if (sf) {
php_strtoupper(buffer, 32);
RETURN_STRING(buffer, 1);
- }
- else {
+ } else {
int i;
+ char buffer2[36+1] = NULL;
+
/* FIXME this works only on little endian machine */
for (i=0; i<4; i++) {
buffer2[2*i] = buffer[6-2*i];
View Lorry Controller Status