Skip to content

Possible dereference of NULL #12791

Closed
Closed
Possible dereference of NULL#12791
Labels
BugExtension: mysqlndStatus: Verified
@VoroninArtemii

Description

@VoroninArtemii
VoroninArtemii
opened on Nov 27, 2023

Description

There is a check of the variable set for zero in line № 633:

php-src/ext/mysqlnd/mysqlnd_result.c

Line 633 in cc5a1ba

if (!set || !row_buffers) {

But if set == NULL, we go to line № 737:

php-src/ext/mysqlnd/mysqlnd_result.c

Line 737 in cc5a1ba

DBG_INF_FMT("rows=%llu", (unsigned long long)result->stored_data->row_count);

Here the variable result->stored_data is dereferenced. But the variable set is equal to variable result->stored_data before checking.

php-src/ext/mysqlnd/mysqlnd_result.c

Line 629 in cc5a1ba

MYSQLND_RES_BUFFERED * set = result->stored_data;

Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Voronin.

PHP Version

PHP 8.2.3

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugExtension: mysqlndStatus: Verified

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions