Fix #78473: odbc_close() closes arbitrary resources

cmb69 · cmb69 · commit b5572658166c · 2019-08-28T17:55:15.000+02:00
We have to bail out, if an invalid resource is given.  For consistency
with the other `zend_fetch_resource(2)` calls, we return `FALSE`.
diff --git a/NEWS b/NEWS
@@ -11,6 +11,9 @@ PHP                                                                        NEWS
   . Fixed connect_attr issues and added the _server_host connection attribute.
     (Qianqian Bu)
 
+- ODBC:
+  . Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb)
+
 29 Aug 2019, PHP 7.2.22
 
 - Core:
diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c
@@ -2752,7 +2752,10 @@ PHP_FUNCTION(odbc_close)
 		return;
 	}
 
-	conn = (odbc_connection *)zend_fetch_resource2(Z_RES_P(pv_conn), "ODBC-Link", le_conn, le_pconn);
+	if (!(conn = (odbc_connection *)zend_fetch_resource2(Z_RES_P(pv_conn), "ODBC-Link", le_conn, le_pconn))) {
+		RETURN_FALSE;
+	}
+
 	if (Z_RES_P(pv_conn)->type == le_pconn) {
 		is_pconn = 1;
 	}
diff --git a/ext/odbc/tests/bug78473.phpt b/ext/odbc/tests/bug78473.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Bug #78473 (odbc_close() closes arbitrary resources)
+--SKIPIF--
+<?php
+if (!extension_loaded('odbc')) die('skip odbc extension not available');
+?>
+--FILE--
+<?php
+odbc_close(STDIN);
+var_dump(STDIN);
+?>
+--EXPECTF--
+Warning: odbc_close(): supplied resource is not a valid ODBC-Link resource in %s on line %d
+resource(%d) of type (stream)

Original file line number	Diff line number	Diff line change
`@@ -2752,7 +2752,10 @@ PHP_FUNCTION(odbc_close)`
`2752`	`2752`	`return;`
`2753`	`2753`	`}`
`2754`	`2754`
`2755`		`- conn = (odbc_connection *)zend_fetch_resource2(Z_RES_P(pv_conn), "ODBC-Link", le_conn, le_pconn);`
	`2755`	`+ if (!(conn = (odbc_connection *)zend_fetch_resource2(Z_RES_P(pv_conn), "ODBC-Link", le_conn, le_pconn))) {`
	`2756`	`+ RETURN_FALSE;`
	`2757`	`+ }`
	`2758`	`+`
`2756`	`2759`	`if (Z_RES_P(pv_conn)->type == le_pconn) {`
`2757`	`2760`	`is_pconn = 1;`
`2758`	`2761`	`}`