
Commit 1643d4e

committed
Add some parameter checks
1 parent b479c2b commit 1643d4e


1 file changed

+22
-5
lines changed


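--- a/ext/mysqli/mysqli_nonapi.c
+++ b/ext/mysqli/mysqli_nonapi.c
@@ -1100,13 +1100,25 @@ PHP_FUNCTION(mysqli_begin_transaction)
 zval *mysql_link;
 long flags = TRANS_START_NO_OPT;
 char * name = NULL;
-int name_len = 0;
+int name_len = -1;
+zend_bool err = FALSE;
 
 if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "O|ls", &mysql_link, mysqli_link_class_entry, &flags, &name, &name_len) == FAILURE) {
 return;
 }
 MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
-
+if (flags < 0) {
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid value for parameter flags (%ld)", flags);
+err = TRUE;
+}
+if (!name || !name_len) {
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty");
+err = TRUE;
+}
+if (TRUE == err) {
+RETURN_FALSE;
+}
+
 #if !defined(MYSQLI_USE_MYSQLND)
 if (mysqli_begin_transaction_libmysql(mysql->mysql, flags, name)) {
 RETURN_FALSE;
@@ -1143,12 +1155,16 @@ PHP_FUNCTION(mysqli_savepoint)
 MY_MYSQL *mysql;
 zval *mysql_link;
 char * name = NULL;
-int name_len = 0;
+int name_len = -1;
 
 if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) {
 return;
 }
 MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
+if (!name || !name_len) {
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty");
+RETURN_FALSE;
+}
 
 #if !defined(MYSQLI_USE_MYSQLND)
 if (mysqli_savepoint_libmysql(mysql->mysql, name, FALSE)) {
@@ -1169,14 +1185,15 @@ PHP_FUNCTION(mysqli_release_savepoint)
 MY_MYSQL *mysql;
 zval *mysql_link;
 char * name = NULL;
-int name_len = 0;
+int name_len = -1;
 
 if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &mysql_link, mysqli_link_class_entry, &name, &name_len) == FAILURE) {
 return;
 }
 MYSQLI_FETCH_RESOURCE_CONN(mysql, &mysql_link, MYSQLI_STATUS_VALID);
 if (!name || !name_len) {
-php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name not provided");
+php_error_docref(NULL TSRMLS_CC, E_WARNING, "Savepoint name cannot be empty");
+RETURN_FALSE;
 }
 #if !defined(MYSQLI_USE_MYSQLND)
 if (mysqli_savepoint_libmysql(mysql->mysql, name, TRUE)) {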
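Review bot: In the mysqli_begin_transaction hunk the new `if (!name || !name_len)` check rejects a call that omits the name, although the parse spec `"O|ls"` makes it optional and `name` stays `NULL` when it is left out (assuming the parser does not write to omitted optional arguments). The `-1` default for `name_len` already separates "omitted" from "empty string", so the test there should be `if (!name_len) {`; the two savepoint functions parse a required name with `"Os"` and can keep the combined check. The warning in that function also says "Savepoint name" for what is a transaction name. The name is then passed unchanged to `mysqli_begin_transaction_libmysql` and `mysqli_savepoint_libmysql`, whose bodies are not on this page; if they place it into statement text, a non-empty check does not constrain its characters, so quoting or escaping there is worth confirming. All three function bodies start and end outside their hunks.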
