ext/pdo_pgsql: Fix _pdo_pgsql_trim_message bad access

close GH-19239
dixyes 2025-07-26 00:34:40 +08:00 committed by David Carlier
parent 5dd965117a
commit e16df981bf
2 changed files with 11 additions and 1 deletions

4
NEWS

@ -27,6 +27,10 @@ PHP NEWS
return value check). (nielsdos, botovq)
. Fix error return check of EVP_CIPHER_CTX_ctrl(). (nielsdos)
- PDO Pgsql:
. Fixed dangling pointer access on _pdo_pgsql_trim_message helper.
(dixyes)
- SOAP:
. Fixed bug GH-18640 (heap-use-after-free ext/soap/php_encoding.c:299:32
in soap_check_zval_ref). (nielsdos)


@ -38,8 +38,14 @@ static bool pgsql_handle_in_transaction(pdo_dbh_t *dbh);
static char * _pdo_pgsql_trim_message(const char *message, int persistent)
{
size_t i = strlen(message)-1;
size_t i = strlen(message);
char *tmp;
if (UNEXPECTED(i == 0)) {
tmp = pemalloc(1, persistent);
tmp[0] = '\0';
return tmp;
}
--i;
if (i>1 && (message[i-1] == '\r' || message[i-1] == '\n') && message[i] == '.') {
--i;
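Review bot: The new empty-message guard after `size_t i = strlen(message);` has no comment saying why it exists, and the reason is easy to lose in a later cleanup. On an empty string the old `strlen(message)-1` wrapped around `size_t`, so the `message[i-1]` and `message[i]` tests just below it indexed far outside the buffer. I would put `/* Empty message: i - 1 would wrap around size_t and index out of bounds below. */` above the `if (UNEXPECTED(i == 0))` line. The diffstat lists only NEWS and this file, so the empty-message path appears to land without a regression test; one would be worth adding if the case can be reproduced. The body of `_pdo_pgsql_trim_message` continues past the end of the hunk, so the rest of the trimming logic is not reviewed here.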