Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

MDL-26922 dml - avoid PHP_INT_MAX overflow on limit queries

  • Loading branch information...
commit f80de2f25c1599a9f3b1cdf4b2570106c40ccc30 1 parent 56babbc
@stronk7 stronk7 authored
View
3  lib/dml/mssql_native_moodle_database.php
@@ -694,6 +694,9 @@ public function get_recordset_sql($sql, array $params=null, $limitfrom=0, $limit
if ($limitfrom or $limitnum) {
if ($limitnum >= 1) { // Only apply TOP clause if we have any limitnum (limitfrom offset is handled later)
$fetch = $limitfrom + $limitnum;
+ if (PHP_INT_MAX - $limitnum < $limitfrom) { // Check PHP_INT_MAX overflow
+ $fetch = PHP_INT_MAX;
+ }
$sql = preg_replace('/^([\s(])*SELECT([\s]+(DISTINCT|ALL))?(?!\s*TOP\s*\()/i',
"\\1SELECT\\2 TOP $fetch", $sql);
}
View
3  lib/dml/sqlsrv_native_moodle_database.php
@@ -763,6 +763,9 @@ public function get_recordset_sql($sql, array $params = null, $limitfrom = 0, $l
if ($limitfrom or $limitnum) {
if ($limitnum >= 1) { // Only apply TOP clause if we have any limitnum (limitfrom offset is handled later)
$fetch = $limitfrom + $limitnum;
+ if (PHP_INT_MAX - $limitnum < $limitfrom) { // Check PHP_INT_MAX overflow
+ $fetch = PHP_INT_MAX;
+ }
$sql = preg_replace('/^([\s(])*SELECT([\s]+(DISTINCT|ALL))?(?!\s*TOP\s*\()/i',
"\\1SELECT\\2 TOP $fetch", $sql);
}
Please sign in to comment.
Something went wrong with that request. Please try again.