Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Assertion failure ext/mysqli/mysqli_prop.c #17900

Closed
YuanchengJiang opened this issue Feb 23, 2025 · 3 comments
Closed

Assertion failure ext/mysqli/mysqli_prop.c #17900

YuanchengJiang opened this issue Feb 23, 2025 · 3 comments
Labels
Bug Extension: mysqli Status: Verified

Comments

@YuanchengJiang
Copy link

Description

The following code:

<?php
mysqli_report(MYSQLI_REPORT_OFF);
$mysqli = new mysqli();
@$mysqli->__construct('doesnotexist');
var_dump(get_defined_vars());

Resulted in this output:

php: /home/phpfuzz/WorkSpace/flowfusion/php-src/ext/mysqli/mysqli_prop.c:227: zend_result link_errno_read(mysqli_object *, zval *, _Bool): Assertion `p' failed.
Aborted (core dumped)

To reproduce:

./php-src/sapi/cli/php  ./test.php

Commit:

commit c5ee870b856a2447c365cbcaf807ada66b67920d
Merge: bcf0ee185b 04a33a1122
Author: Remi Collet <remi@php.net>
Date:   Thu Feb 20 11:48:09 2025 +0100

    Merge branch 'PHP-8.4'
    
    * PHP-8.4:
      zip version is now 1.22.5

Configurations:

CC="clang-12" CXX="clang++-12" CFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" CXXFLAGS="-DZEND_VERIFY_TYPE_INFERENCE" ./configure --enable-debug --enable-address-sanitizer --enable-undefined-sanitizer --enable-re2c-cgoto --enable-fpm --enable-litespeed --enable-phpdbg-debug --enable-zts --enable-bcmath --enable-calendar --enable-dba --enable-dl-test --enable-exif --enable-ftp --enable-gd --enable-gd-jis-conv --enable-mbstring --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvmsg --enable-zend-test --with-zlib --with-bz2 --with-curl --with-enchant --with-gettext --with-gmp --with-mhash --with-ldap --with-libedit --with-readline --with-snmp --with-sodium --with-xsl --with-zip --with-mysqli --with-pdo-mysql --with-pdo-pgsql --with-pgsql --with-sqlite3 --with-pdo-sqlite --with-webp --with-jpeg --with-freetype --enable-sigchild --with-readline --with-pcre-jit --with-iconv

Operating System:

Ubuntu 20.04 Host, Docker 0599jiangyc/flowfusion:latest

This report is automatically generated by FlowFusion

PHP Version

c5ee870

Operating System

No response
@YuanchengJiang YuanchengJiang changed the title Assertion failure Assertion failure ext/mysqli/mysqli_prop.c Feb 23, 2025
@nielsdos
Copy link
Member

The problem is that this code is executed setting the internal pointer to NULL:

php-src/ext/mysqli/mysqli_nonapi.c

Lines 259 to 261 in 67a349d

/* free mysql structure */
mysqli_close(mysql->mysql, MYSQLI_CLOSE_DISCONNECTED);
mysql->mysql = NULL;

But (MYSQLI_RESOURCE *)(obj->ptr))->ptr or obj->ptr was not reset to NULL.

@nielsdos
Copy link
Member

Honestly, it might be best to just block calling __construct twice for this class, as that would also solve #8084

@Girgias
Copy link
Member

Girgias commented Feb 23, 2025

Blocking multiple calls to __construct() is somewhat standard, so I agree with this solution.

nielsdos added a commit to nielsdos/php-src that referenced this issue Feb 23, 2025
@nielsdos
Fix phpGH-17900 and phpGH-8084
94520fa 
Calling the constructor twice has no real world benefit.
Block it to fix these two issues.
We also clean up the constructor code a bit:
1) `in_ctor` implies `object` exists
2) We no longer need to deal with reusing internal data.

Closes phpGH-17900.
Closes phpGH-8084.
@nielsdos nielsdos mentioned this issue Feb 23, 2025
Closed
nielsdos added a commit to nielsdos/php-src that referenced this issue Feb 23, 2025
@nielsdos
Fix phpGH-17900 and phpGH-8084
4205c31 
Calling the constructor twice has no real world benefit.
Block it to fix these two issues.
We also clean up the constructor code a bit:
- `in_ctor` implies `object` exist.
- We surround the instance check with ZEND_DEBUG to avoid a runtime
  penalty.

Closes phpGH-17900.
Closes phpGH-8084.
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
Bug Extension: mysqli Status: Verified
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix GH-17900 and GH-8084 nielsdos/php-src
4 participants
@devnexen @nielsdos @Girgias @YuanchengJiang