--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/php-5_3/php-sapi/patches/091_php_pdo_stmt_race.patch Thu May 31 14:36:45 2012 -0700
@@ -0,0 +1,72 @@
+--- php-5.3.10/ext/pdo/pdo_stmt.c_orig Sun Jan 1 05:15:04 2012
++++ php-5.3.10/ext/pdo/pdo_stmt.c Wed Feb 8 11:25:26 2012
+@@ -2322,6 +2322,51 @@
+ return -1;
+ }
+
++static void init_stmt_properties(pdo_stmt_t* stmt TSRMLS_DC)
++{
++ HashTable* ht = &stmt->ce->default_properties;
++ HashTable* target = stmt->properties;
++
++ HashPosition pos;
++ zend_hash_internal_pointer_reset_ex(ht, &pos);
++ while(zend_hash_has_more_elements_ex(ht, &pos)
++ == SUCCESS) {
++ ulong index;
++ char* key = NULL;
++ uint keylen = 0;
++ int ret = zend_hash_get_current_key_ex(ht, &key, &keylen,
++ &index, 0, &pos);
++ if ((keylen == sizeof("queryString"))
++ && (strncmp(key, "queryString", keylen) == 0)) {
++ zval* qval;
++ /* Since the value for the key queryString in
++ * stmt->ce->default_properties is shared by multiple threads so
++ * we can not add the same zval in stmt->properties. we need to
++ * create a null property object. See Bug 49937 */
++ ALLOC_INIT_ZVAL(qval);
++ zend_hash_add(stmt->properties, "queryString",
++ sizeof("queryString"), (void**) &qval, sizeof(zval*), NULL);
++ }
++ else {
++ void* data = NULL;
++ zend_hash_get_current_data_ex(ht, (void **) &data, &pos);
++ void *new_entry = NULL;
++ if (data) {
++ /* We expect keylen should be > 0. default_properties hash
++ * should only contain named keys */
++ if (keylen) {
++ zend_hash_quick_update(target, key, keylen, 0, data, sizeof(void*), &new_entry);
++ }
++ if (new_entry) {
++ zval_add_ref(new_entry);
++ }
++ }
++ }
++ zend_hash_move_forward_ex(ht, &pos);
++ }
++}
++
++
+ static zend_object_value dbstmt_clone_obj(zval *zobject TSRMLS_DC)
+ {
+ zend_object_value retval;
+@@ -2335,7 +2380,7 @@
+ stmt->refcount = 1;
+ ALLOC_HASHTABLE(stmt->properties);
+ zend_hash_init(stmt->properties, 0, NULL, ZVAL_PTR_DTOR, 0);
+- zend_hash_copy(stmt->properties, &stmt->ce->default_properties, (copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
++ init_stmt_properties(stmt TSRMLS_CC);
+
+ old_stmt = (pdo_stmt_t *)zend_object_store_get_object(zobject TSRMLS_CC);
+
+@@ -2466,7 +2511,7 @@
+ stmt->refcount = 1;
+ ALLOC_HASHTABLE(stmt->properties);
+ zend_hash_init(stmt->properties, 0, NULL, ZVAL_PTR_DTOR, 0);
+- zend_hash_copy(stmt->properties, &ce->default_properties, (copy_ctor_func_t) zval_add_ref, (void *) &tmp, sizeof(zval *));
++ init_stmt_properties(stmt TSRMLS_CC);
+
+ retval.handle = zend_objects_store_put(stmt, (zend_objects_store_dtor_t)zend_objects_destroy_object, (zend_objects_free_object_storage_t)pdo_dbstmt_free_storage, (zend_objects_store_clone_t)dbstmt_clone_obj TSRMLS_CC);
+ retval.handlers = &pdo_dbstmt_object_handlers;