Skip to content

Commit 3b15999

Browse files
mlazdansmlazdans
committed
Add use after free tests
1 parent 96ab6e8 commit 3b15999

File tree

3 files changed

+90
-0
lines changed

3 files changed

+90
-0
lines changed

tests/common.inc

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
<?php
2+
3+
function test_use_after_ibase_free_query() {
4+
$batch_count = 5;
5+
6+
ibase_query("DELETE FROM TEST1");
7+
$query = ibase_prepare("INSERT INTO TEST1 (I, C) VALUES (?, ?)");
8+
for($i = 1; $i <= $batch_count; $i++) {
9+
ibase_execute($query, $i, "ROW 1 (batch $i)");
10+
ibase_execute($query, $i, "ROW 2 (batch $i)");
11+
}
12+
ibase_free_query($query);
13+
14+
$query = ibase_prepare("SELECT * FROM TEST1 WHERE I = ?");
15+
$res = array();
16+
for($i = 1; $i <= $batch_count; $i++) {
17+
$res[$i] = ibase_execute($query, $i);
18+
}
19+
ibase_free_query($query);
20+
21+
foreach ($res as $batch=>$r) {
22+
print "---- Batch $batch ----\n";
23+
dump_rows($r);
24+
ibase_free_result($r);
25+
}
26+
}

tests/use_after_free-001.phpt

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
--TEST--
2+
InterBase: use after ibase_free_query()
3+
--SKIPIF--
4+
<?php
5+
include("skipif.inc");
6+
if(defined('IBASE_VER') && (IBASE_VER >= 61)) print "Skip IBASE_VER < 6.1";
7+
?>
8+
--FILE--
9+
<?php
10+
11+
// Related to the "test execute procedure" part of tests/006.phpt. This
12+
// ilustrates incorrect use of ibase_free_query(). If you follow the same logic
13+
// as in 006.phpt, you would expect 5 batches with 2 rows printed with
14+
// incremented I but it doesn't of course.
15+
16+
require("interbase.inc");
17+
require("common.inc");
18+
test_use_after_ibase_free_query();
19+
20+
?>
21+
--EXPECT--
22+
---- Batch 1 ----
23+
array(2) {
24+
["I"]=>
25+
int(5)
26+
["C"]=>
27+
string(15) "ROW 1 (batch 5)"
28+
}
29+
array(2) {
30+
["I"]=>
31+
int(5)
32+
["C"]=>
33+
string(15) "ROW 2 (batch 5)"
34+
}
35+
---- Batch 2 ----
36+
---- Batch 3 ----
37+
---- Batch 4 ----
38+
---- Batch 5 ----

tests/use_after_free-002.phpt

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
--TEST--
2+
InterBase: use after ibase_free_query()
3+
--SKIPIF--
4+
<?php
5+
include("skipif.inc");
6+
if(!defined('IBASE_VER') || (IBASE_VER < 61)) print "Skip IBASE_VER >= 6.1";
7+
?>
8+
--FILE--
9+
<?php
10+
11+
// Related to the "test execute procedure" part of tests/006.phpt. This
12+
// ilustrates incorrect use of ibase_free_query(). If you follow the same logic
13+
// as in 006.phpt, you would expect 5 batches with 2 rows printed with
14+
// incremented I but it doesn't of course.
15+
16+
require("interbase.inc");
17+
require("common.inc");
18+
19+
set_exception_handler("php_ibase_exception_handler");
20+
21+
test_use_after_ibase_free_query();
22+
23+
?>
24+
--EXPECT--
25+
---- Batch 1 ----
26+
Fatal error: Uncaught TypeError: ibase_fetch_assoc(): supplied resource is not a valid Firebird/InterBase query resource

0 commit comments

Comments
 (0)