Saturday, September 19, 2009

RE: [fw-db] issues with Zend_Db_Statement::_stripQuoted

> -----Original Message-----
> From: Vincent de Lau [mailto:vincent@delau.nl]
> Sent: Sunday, September 20, 2009 3:42 AM
> To: fw-db@lists.zend.com
> Subject: [fw-db] issues with Zend_Db_Statement::_stripQuoted
>
> Hi all,
>
> Last week we ran into an issue with a segfault caused by the preg_replace
> statements in Zend_Db_Statement::_stripQuoted (issues ZF-5063[1] and
> ZF-7585[2]). While trying to find a work-around, I discovered that this
> function is broken. The fix for issue ZF-3025[3] seems to be applied
> wrong (r9727).
>
> The fix for my issue could be to modify the regular expression. Instead
> of the repetition, my replacement relies on assertions. During initial
> testing (running a 1MB query) it seems that this would not rely on the
> stack too much, reducing the chance of a segfault. This would need to be
> tested further. In the patch below, I restored the original replacement
> of quoted identifiers that was lost in r9727.

A simpler fix might be the next patch. Instead of assertions, it tries to
limit stack usage by 'eating' similar subpatterns.

Index: Statement.php
===================================================================
--- Statement.php (revision 17563)
+++ Statement.php (working copy)
@@ -184,10 +184,10 @@
// get a version of the SQL statement with all quoted
// values and delimited identifiers stripped out
// remove "foo\"bar"
- $sql = preg_replace("/$q($qe|\\\\{2}|[^$q])*$q/", '', $sql);
+ $sql = preg_replace("/$d($de+|\\\\{2}+|[^$d]+)*$d/", '', $sql);
// remove 'foo\'bar'
if (!empty($q)) {
- $sql = preg_replace("/$q($qe|[^$q])*$q/", '', $sql);
+ $sql = preg_replace("/$q($qe+|\\\\{2}+|[^$q]+)*$q/", '', $sql);
}

return $sql;
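
Review bot: In both added patterns the inner + repeats sit inside a group that is itself repeated with * (for example ($qe+|\\\\{2}+|[^$q]+)*), and the negated class can also match a backslash, so the alternatives overlap; on input with an opening quote and no closing one the engine can split the same run of characters in many different ways before it gives up. Making the inner repeats possessive ([^$q]++) or wrapping the group as an atomic group (?>...) keeps the fewer-iterations benefit without that backtracking. Two smaller points: in PCRE a + directly after {2} makes that quantifier possessive rather than meaning "one or more pairs", so if repetition of escaped backslashes was intended it needs its own group; and the first replacement now uses $d and $de but, unlike the $q replacement below it, is not wrapped in an !empty() check. The preg_replace result is also assigned straight back to $sql, so a NULL returned on a PCRE error would replace the statement text unnoticed.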

Vincent de Lau
vincent@delau.nl
