← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/php5/gutsy

« back to all changes in this revision

Viewing changes to ext/oci8/oci8_lob.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt, CVE-2007-0905, CVE-2007-0906, CVE-2007-0909, CVE-2007-0910
  • Date: 2007-02-20 17:54:46 UTC
  • mfrom: (1.1.6 upstream)
  • Revision ID: james.westby@ubuntu.com-20070220175446-nudqyuv0dfowel3r
Tags: 5.2.1-0ubuntu1
* New upstream security/bugfix release:
  - safe_mode & open_basedir bypasses inside the session extension
    [CVE-2007-0905]
  - multiple buffer overflows in various extensions and functions
    [CVE-2007-0906]
  - underflow in the internal sapi_header_op() function [CVE-2007-0907]
  - information disclosure in the wddx extension [CVE-2007-0908]
  - string format vulnerability in *print() functions on 64 bit systems
    [CVE-2007-0909]
  - possible clobbering of super-globals in several code paths
    [CVE-2007-0910]
* Adapted patches to new upstream release:
  - 006-debian_quirks.patch
  - 034-apache2_umask_fix.patch
  - 044-strtod_arm_fix.patch
* Drop 109-libdb4.4.patch: Obsolete, upstream now checks for db 4.5 and 4.4.
* Drop 114-zend_alloc.c_m68k_alignment.patch and
  115-zend_alloc.c_memleak.patch: Applied upstream.
* Add debian/patches/000upstream-str_ireplace_offbyone.patch:
  - Fix off-by-one in str_ireplace(), a regression introduced in 5.2.1.
  - Patch taken from upstream CVS:
    http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.630&r2=1.631
  - CVE-2007-0911
* debian/control: Set Ubuntu maintainer.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ext/oci8/oci8_lob.c
2
2
   +----------------------------------------------------------------------+
3
3
   | PHP Version 5                                                        |
4
4
   +----------------------------------------------------------------------+
5
 
   | Copyright (c) 1997-2006 The PHP Group                                |
 
5
   | Copyright (c) 1997-2007 The PHP Group                                |
6
6
   +----------------------------------------------------------------------+
7
7
   | This source file is subject to version 3.01 of the PHP license,      |
8
8
   | that is bundled with this package in the file LICENSE, and is        |
25
25
   +----------------------------------------------------------------------+
26
26
*/
27
27
 
28
 
/* $Id: oci8_lob.c,v 1.7.2.6.2.6 2006/08/22 11:09:12 tony2001 Exp $ */
 
28
/* $Id: oci8_lob.c,v 1.7.2.6.2.10 2007/01/01 09:36:03 sebastian Exp $ */
29
29
 
30
30
 
31
31
 
190
190
{
191
191
        php_oci_connection *connection = descriptor->connection;
192
192
        ub4 chunk_size;
193
 
                
 
193
 
 
194
        if (descriptor->type == OCI_DTYPE_FILE) {
 
195
                return read_length;
 
196
        }
 
197
 
194
198
        if (!descriptor->chunk_size) {
195
199
                PHP_OCI_CALL_RETURN(connection->errcode, OCILobGetChunkSize, (connection->svc, connection->err, descriptor->descriptor, &chunk_size));
196
200
 
493
497
int php_oci_lob_copy (php_oci_descriptor *descriptor_dest, php_oci_descriptor *descriptor_from, long length TSRMLS_DC)
494
498
{
495
499
        php_oci_connection *connection = descriptor_dest->connection;
496
 
        int length_dest, length_from, copy_len;
 
500
        ub4 length_dest, length_from, copy_len;
497
501
        
498
502
        if (php_oci_lob_get_length(descriptor_dest, &length_dest TSRMLS_CC)) {
499
503
                return 1;
573
577
 
574
578
/* {{{ php_oci_lob_flush() 
575
579
 Flush buffers for the LOB (only if they have been used) */
576
 
int php_oci_lob_flush(php_oci_descriptor *descriptor, int flush_flag TSRMLS_DC)
 
580
int php_oci_lob_flush(php_oci_descriptor *descriptor, long flush_flag TSRMLS_DC)
577
581
{
578
582
        OCILobLocator *lob = descriptor->descriptor;
579
583
        php_oci_connection *connection = descriptor->connection;
588
592
                        /* only these two are allowed */
589
593
                        break;
590
594
                default:
591
 
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid flag value: %d", flush_flag);
 
595
                        php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid flag value: %ld", flush_flag);
592
596
                        return 1;
593
597
                        break;
594
598
        }
760
764
 
761
765
/* {{{ php_oci_lob_erase()
762
766
 Erase (or fill with whitespaces, depending on LOB type) the LOB (or its part) */
763
 
int php_oci_lob_erase (php_oci_descriptor *descriptor, long offset, long length, ub4 *bytes_erased TSRMLS_DC)
 
767
int php_oci_lob_erase (php_oci_descriptor *descriptor, long offset, ub4 length, ub4 *bytes_erased TSRMLS_DC)
764
768
{
765
769
        php_oci_connection *connection = descriptor->connection;
766
770
        OCILobLocator *lob = descriptor->descriptor;