Skip to content

Commit 426b675

Browse files
mlazdansmlazdans
committed
Do not needlessly attach :service_mgr to an empty host (#53)
Also makes internal buffers larger to match FB5 username / password lengths Also makes all arguments to ibase_service_attach() optional. These are not needed for embedded for example.
1 parent 4f751da commit 426b675

File tree

2 files changed

+39
-13
lines changed

2 files changed

+39
-13
lines changed

ibase_service.c

Lines changed: 38 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -214,34 +214,60 @@ PHP_FUNCTION(ibase_delete_user)
214214
Connect to the service manager */
215215
PHP_FUNCTION(ibase_service_attach)
216216
{
217-
size_t hlen, ulen, plen, spb_len;
217+
size_t hlen = 0, ulen = 0, plen = 0;
218218
ibase_service *svm;
219-
char buf[128], *host, *user, *pass, *loc;
219+
char buf[350], *host, *user, *pass;
220+
char loc[128] = "service_mgr";
220221
isc_svc_handle handle = 0;
222+
unsigned short p = 0;
221223

222224
RESET_ERRMSG;
223225

224-
if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
226+
if (SUCCESS != zend_parse_parameters(ZEND_NUM_ARGS(), "|sss",
225227
&host, &hlen, &user, &ulen, &pass, &plen)) {
226228

227229
RETURN_FALSE;
228230
}
229231

230-
/* construct the spb, hack the service name into it as well */
231-
spb_len = slprintf(buf, sizeof(buf), "%c%c%c%c%s%c%c%s" "%s:service_mgr",
232-
isc_spb_version, isc_spb_current_version, isc_spb_user_name, (char)ulen,
233-
user, isc_spb_password, (char)plen, pass, host);
232+
if (ulen > 63) {
233+
_php_ibase_module_error("Internal error: dba_username too long");
234+
RETURN_FALSE;
235+
}
234236

235-
if (spb_len > sizeof(buf) || spb_len == -1) {
236-
_php_ibase_module_error("Internal error: insufficient buffer space for SPB (%zd)", spb_len);
237+
if (plen > 255) {
238+
_php_ibase_module_error("Internal error: dba_password too long");
239+
RETURN_FALSE;
240+
}
241+
242+
// 13 = strlen(":service_mgr") + \0;
243+
if (hlen + 13 > sizeof(loc)) {
244+
_php_ibase_module_error("Internal error: insufficient buffer space for name of the service (%zd)", hlen + 13);
237245
RETURN_FALSE;
238246
}
239247

240-
spb_len -= hlen + 12;
241-
loc = buf + spb_len; /* points to %s:service_mgr part */
248+
buf[p++] = isc_spb_version;
249+
buf[p++] = isc_spb_current_version;
250+
251+
if(ulen > 0){
252+
buf[p++] = isc_spb_user_name;
253+
buf[p++] = (char)ulen;
254+
memcpy(&buf[p], &user, ulen);
255+
p += ulen;
256+
}
257+
258+
if(plen > 0){
259+
buf[p++] = isc_spb_password;
260+
buf[p++] = (char)plen;
261+
memcpy(&buf[p], &pass, plen);
262+
p += plen;
263+
}
264+
265+
if(hlen > 0){
266+
slprintf(loc, sizeof(loc), "%s:service_mgr", host);
267+
}
242268

243269
/* attach to the service manager */
244-
if (isc_service_attach(IB_STATUS, 0, loc, &handle, (unsigned short)spb_len, buf)) {
270+
if (isc_service_attach(IB_STATUS, 0, loc, &handle, p, buf)) {
245271
_php_ibase_error();
246272
RETURN_FALSE;
247273
}

interbase.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -256,7 +256,7 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_ibase_delete_user, 0, 0, 3)
256256
ZEND_ARG_INFO(0, last_name)
257257
ZEND_END_ARG_INFO()
258258

259-
ZEND_BEGIN_ARG_INFO_EX(arginfo_ibase_service_attach, 0, 0, 3)
259+
ZEND_BEGIN_ARG_INFO_EX(arginfo_ibase_service_attach, 0, 0, 0)
260260
ZEND_ARG_INFO(0, host)
261261
ZEND_ARG_INFO(0, dba_username)
262262
ZEND_ARG_INFO(0, dba_password)

0 commit comments

Comments
 (0)