- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter)

diff --git a/NEWS b/NEWS
index 0eb325bb2e6814607c113d59e491882a53675180..18416632456098cabf437e55c9c5c39d558789f8 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,8 @@ PHP                                                                        NEWS
   requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)
 - Fixed 64-bit integer overflow in mhash_keygen_s2k(). (Clément LECIGNE, Stas) 
 
+- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter).
+  (Felipe)
 - Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string
   literal). (cbandy at jbandy dot com)
 - Fixed bug #51590 (JSON_ERROR_UTF8 is undefined). (Felipe)

diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c
index 92725ee996586a81b89cda5c810b9f1ee12a5069..5fbfd5870e3066325b87e5a475eef2bee033acbb 100644 (file)
--- a/ext/pgsql/pgsql.c
+++ b/ext/pgsql/pgsql.c
@@ -3735,7 +3735,7 @@ PHP_FUNCTION(pg_copy_to)
 {
        zval *pgsql_link;
        char *table_name, *pg_delim = NULL, *pg_null_as = NULL;
-       int table_name_len, pg_delim_len, pg_null_as_len;
+       int table_name_len, pg_delim_len, pg_null_as_len, free_pg_null = 0;
        char *query;
        int id = -1;
        PGconn *pgsql;
@@ -3762,6 +3762,7 @@ PHP_FUNCTION(pg_copy_to)
 
        if (!pg_null_as) {
                pg_null_as = safe_estrdup("\\\\N");
+               free_pg_null = 1;
        }
 
        if (memchr(table_name, '.', table_name_len)) {
@@ -3774,7 +3775,9 @@ PHP_FUNCTION(pg_copy_to)
                PQclear(pgsql_result);
        }
        pgsql_result = PQexec(pgsql, query);
-       efree(pg_null_as);
+       if (free_pg_null) {
+               efree(pg_null_as);
+       }
        efree(query);
 
        if (pgsql_result) {