Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PDO::quote() for SQL Server mis-quotes strings containing ASCII NUL #538

Closed
MarkMaldaba opened this issue Sep 18, 2017 · 4 comments
Closed

PDO::quote() for SQL Server mis-quotes strings containing ASCII NUL #538

MarkMaldaba opened this issue Sep 18, 2017 · 4 comments
Labels
bug PDO_SQLSRV

Comments

@MarkMaldaba
Copy link

I asked a question on StackOverflow and from the various responses it appears that perhaps this is a bug in the pdo_sqlsrv driver itself. I am therefore re-posting it here so that it can be investigated properly.

Here is the same question as posted on StackOverflow: https://stackoverflow.com/questions/46100518

I'm trying to insert ASCII NUL characters (\0 aka U+0000) into an SQL Server database from PHP, using pdo_sqlsrv. This is a requirement for handling PHP serialized strings, which contain NUL characters to represent private/protected variables.

However, there is something about PDO::quote() which is breaking the strings.

Code to reproduce (replace DBNAME, USERNAME and PASSWORD with appropriate values):

<?php

try {
	$dsn = 'sqlsrv:Server=.\SQLEXPRESS;Database=DBNAME';
	$user = 'USERNAME';
	$pass = 'PASSWORD';

	$connection = new PDO($dsn, $user, $pass);
} catch (PDOException $e) {
	die("Connection error: " . $e->getMessage());
}

$str = "XX\0XX";

header("Content-Type: text/plain");

print("Original: " . str_replace("\0", "{NUL}", $str) . "\n");
$str = $connection->quote($str);
print("Quoted:   " . str_replace("\0", "{NUL}", $str) . "\n");

?>

Expected Output:

Original: XX{NUL}XX
Quoted:   'XX{NUL}XX'

Actual Output:

Original: XX{NUL}XX
Quoted:   'XX'{NUL}{NUL}a

Note that it appears that the final character is random, as on a subsequent run it was an e. This implies some form of memory access error, e.g. reading past the end of the string. Maybe a bug in the pdo_sqlsrv implementation?
@MarkMaldaba
Copy link
Author

MarkMaldaba commented Sep 18, 2017
edited
Loading

Oops - forgot to mention: the issue was experienced using php_pdo_sqlsrv_56_nts.dll (v3.2) on PHP 5.6.18.

@yukiwongky
Copy link
Contributor

yukiwongky commented Sep 18, 2017
edited
Loading

Hi @MarkMaldaba , we do not actively support PHP 5.6 anymore. Please get the latest PDO_SQLSRV driver from https://github.com/Microsoft/msphpsql/releases/tag/v5.0.0-preview. From your repo script and from the latest driver, the output that I get is:

'XX'{NUL}{NUL}{NUL}

This is a bug on the PDO_SQLSRV driver and we will investigate further.

@yukiwongky yukiwongky mentioned this issue Sep 22, 2017
Merged
@Hadis-Knj
Copy link

@MarkMaldaba we fixed the issue in the latest release, could you give it a try and confirm if it is fixed in your case?

@Hadis-Knj
Copy link

We believe this issue is fixed, feel free to reopen the issue if you face the issue

@morozov morozov mentioned this issue Jul 4, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug PDO_SQLSRV
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MarkMaldaba @Hadis-Knj @yukiwongky