xref: /PHP-7.2/ext/pdo_mysql/tests/bug_41125.phpt (revision 973d7bad)
1--TEST--
2Bug #41125 (PDO mysql + quote() + prepare() can result in segfault)
3--SKIPIF--
4<?php
5require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'skipif.inc');
6require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
7MySQLPDOTest::skip();
8
9$db = MySQLPDOTest::factory();
10$row = $db->query('SELECT VERSION() as _version')->fetch(PDO::FETCH_ASSOC);
11$matches = array();
12if (!preg_match('/^(\d+)\.(\d+)\.(\d+)/ismU', $row['_version'], $matches))
13	die(sprintf("skip Cannot determine MySQL Server version\n"));
14
15$version = $matches[0] * 10000 + $matches[1] * 100 + $matches[2];
16die("skip $version");
17if ($version < 40100)
18	die(sprintf("skip Need MySQL Server 5.0.0+, found %d.%02d.%02d (%d)\n",
19		$matches[0], $matches[1], $matches[2], $version));
20?>
21--FILE--
22<?php
23require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mysql_pdo_test.inc');
24$db = MySQLPDOTest::factory();
25$db->exec("DROP TABLE IF EXISTS test");
26
27// And now allow the evil to do his work
28$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, 1);
29$sql = "CREATE TABLE IF NOT EXISTS test(id INT); INSERT INTO test(id) VALUES (1); SELECT * FROM test; INSERT INTO test(id) VALUES (2); SELECT * FROM test;";
30// NOTE: This will fail, it is OK to fail - you must not mix DML/DDL and SELECT
31// The PDO API does not support multiple queries properly!
32// Read http://blog.ulf-wendel.de/?p=192
33// Compare MySQL C-API documentation
34$stmt = $db->query($sql);
35do {
36	var_dump($stmt->fetchAll());
37} while ($stmt->nextRowset());
38
39print "done!";
40?>
41--CLEAN--
42<?php
43require dirname(__FILE__) . '/mysql_pdo_test.inc';
44$db = MySQLPDOTest::factory();
45$db->exec("DROP TABLE IF EXISTS test");
46?>
47--EXPECTF--
48Warning: PDOStatement::fetchAll(): SQLSTATE[HY000]: General error in %s on line %d
49array(0) {
50}
51done!
52