From 720d605e61abf2c09f3a70e98ffcb617882c77e2 Mon Sep 17 00:00:00 2001
From: Petr Skoda <commits@skodak.org>
Date: Mon, 19 Mar 2012 19:49:28 +0100
Subject: [PATCH] MDL-32112 validate integer definition in sql_generator

---
 lib/ddl/simpletest/testddl.php | 32 ++++++++++++++++++++++++++++++++
 lib/xmldb/xmldb_field.php      |  8 ++++++++
 2 files changed, 40 insertions(+)

diff --git a/lib/ddl/simpletest/testddl.php b/lib/ddl/simpletest/testddl.php
index 321bcf37928..aabd27c169f 100644
--- a/lib/ddl/simpletest/testddl.php
+++ b/lib/ddl/simpletest/testddl.php
@@ -402,6 +402,38 @@ class ddl_test extends UnitTestCase {
             $this->assertIdentical(get_class($e), 'coding_exception');
         }
 
+        // Invalid integer length
+        $table = new xmldb_table('test_table4');
+        $table->add_field('id', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null);
+        $table->add_field('course', XMLDB_TYPE_INTEGER, '21', XMLDB_UNSIGNED, XMLDB_NOTNULL, null, '2');
+        $table->add_key('primary', XMLDB_KEY_PRIMARY, array('id'));
+        $table->setComment("This is a test'n drop table. You can drop it safely");
+
+        $this->tables[$table->getName()] = $table;
+
+        try {
+            $dbman->create_table($table);
+            $this->fail('Exception expected');
+        } catch (Exception $e) {
+            $this->assertIdentical(get_class($e), 'coding_exception');
+        }
+
+        // Invalid integer default
+        $table = new xmldb_table('test_table4');
+        $table->add_field('id', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, XMLDB_SEQUENCE, null);
+        $table->add_field('course', XMLDB_TYPE_INTEGER, '10', XMLDB_UNSIGNED, XMLDB_NOTNULL, null, 'x');
+        $table->add_key('primary', XMLDB_KEY_PRIMARY, array('id'));
+        $table->setComment("This is a test'n drop table. You can drop it safely");
+
+        $this->tables[$table->getName()] = $table;
+
+        try {
+            $dbman->create_table($table);
+            $this->fail('Exception expected');
+        } catch (Exception $e) {
+            $this->assertIdentical(get_class($e), 'coding_exception');
+        }
+
     }
 
     /**
diff --git a/lib/xmldb/xmldb_field.php b/lib/xmldb/xmldb_field.php
index 05b3e7ab5a3..7716de4d362 100644
--- a/lib/xmldb/xmldb_field.php
+++ b/lib/xmldb/xmldb_field.php
@@ -715,6 +715,14 @@ class xmldb_field extends xmldb_object {
 
         switch ($this->getType()) {
             case XMLDB_TYPE_INTEGER:
+                $length = $this->getLength();
+                if (!is_number($length) or $length <= 0 or $length > 20) {
+                    return 'Invalid field definition in table {'.$xmldb_table->getName(). '}: XMLDB_TYPE_INTEGER field "'.$this->getName().'" has invalid length';
+                }
+                $default = $this->getDefault();
+                if (!empty($default) and !is_number($default)) {
+                    return 'Invalid field definition in table {'.$xmldb_table->getName(). '}: XMLDB_TYPE_INTEGER field "'.$this->getName().'" has invalid default';
+                }
                 break;
 
             case XMLDB_TYPE_NUMBER: