Fix PDO::quote with string containing ASCII NUL character #550
Conversation
| @@ -1463,7 +1463,7 @@ int pdo_sqlsrv_dbh_quote( _Inout_ pdo_dbh_t* dbh, _In_reads_(unquoted_len) const | |||
| if ( encoding == SQLSRV_ENCODING_UTF8 ) { | |||
| quotes_needed = 3; | |||
| } | |||
| for ( size_t index = 0; index < unquoted_len && unquoted[ index ] != '\0'; ++index ) { | |||
| for ( size_t index = 0; index < unquoted_len; ++index ) { | |||
There was a problem hiding this comment.
Is the argument unquoted_len always correct? What is unquoted_len if the string is empty? Or what if the input string is composed of only one null character, something like '\0', or a series of null characters, something like '\0\0\0\0'?
There was a problem hiding this comment.
From what I've tested, unquote_len seems to be always correct ( it was parsed out by the PDO extension using zend_parse_parameter). If the string is empty (""), unquoted_len is 0. If the input string is composed of only one null character, unquoted_len is 1, and for '\0\0\0\0' unquoted_len is 4.
| { | ||
| $connection = connect(); | ||
| //$connection->setAttribute( PDO::SQLSRV_ATTR_DIRECT_QUERY, PDO::SQLSRV_ENCODING_SYSTEM ); | ||
|
|
There was a problem hiding this comment.
Why did you comment this line? Have you tested this with PDO::SQLSRV_ENCODING_SYSTEM in Windows?
There was a problem hiding this comment.
I tested both ENCODING_UTF8 and ENCODING_SYSTEM and they are both OK. I'll delete this line from the test.
|
|
||
| --EXPECT-- | ||
| Original: XX{NUL}XX | ||
| Quoted: 'XX{NUL}XX' |
There was a problem hiding this comment.
what is this character at the EOF?
Fix for #538