diff options
| author | Andrey Hristov <andrey@php.net> | 2013-02-22 13:17:46 +0100 |
|---|---|---|
| committer | Andrey Hristov <andrey@php.net> | 2013-02-22 13:17:46 +0100 |
| commit | 1643d4ed568890d1b18a87304a39791ebb4790be (patch) | |
| tree | 0dbc2ee454b645462235802f6b3d1ab0ea6ef5cf /ext/mysqli/mysqli_nonapi.c | |
| parent | b479c2bffb91ee8a6c2e676920e895da08b68a4b (diff) | |
| download | php-git-1643d4ed568890d1b18a87304a39791ebb4790be.tar.gz | |
Add some parameter checks
Diffstat (limited to 'ext/mysqli/mysqli_nonapi.c')
| -rw-r--r-- | ext/mysqli/mysqli_nonapi.c | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/ext/mysqli/mysqli_nonapi.c b/ext/mysqli/mysqli_nonapi.c index c3a56fca39..e743449172 100644 --- a/ext/mysqli/mysqli_nonapi.c +++ b/ext/mysqli/mysqli_nonapi.c @@ -1100,13 +1100,25 @@ PHP_FUNCTION(mysqli_begin_transaction) zval *mysql_link; long flags = TRANS_START_NO_OPT; char * name = NULL; - int name_len = 0; + int name_len = -1; + zend_bool err = FALSE; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "O|ls", &mysql_link, mysqli_link_class_entry, &flags, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); - + if (flags < 0) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid value for parameter flags (%ld)", flags); + err = TRUE; + } + if (!name || !name_len) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + err = TRUE; + } + if (TRUE == err) { + RETURN_FALSE; + } + #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_begin_transaction_libmysql(mysql->mysql, flags, name)) { RETURN_FALSE; @@ -1143,12 +1155,16 @@ PHP_FUNCTION(mysqli_savepoint) MY_MYSQL *mysql; zval *mysql_link; char * name = NULL; - int name_len = 0; + int name_len = -1; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); + if (!name || !name_len) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + RETURN_FALSE; + } #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_savepoint_libmysql(mysql->mysql, name, FALSE)) { @@ -1169,14 +1185,15 @@ PHP_FUNCTION(mysqli_release_savepoint) MY_MYSQL *mysql; zval *mysql_link; char * name = NULL; - int name_len = 0; + int name_len = -1; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) { return; } MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID); if (!name || !name_len) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name not provided"); + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty"); + RETURN_FALSE; } #if !defined(MYSQLI_USE_MYSQLND) if (mysqli_savepoint_libmysql(mysql->mysql, name, TRUE)) { |