From: Derick Rethans Date: Tue, 5 Jul 2005 12:47:06 +0000 (+0000) Subject: - MFH: Fixed memory corruption in pg_copy_from() in case the as_null parameter was X-Git-Tag: php-5.0.5RC1~79 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c741a9e71944d87c315ef3324774efd82a42c692;p=php - MFH: Fixed memory corruption in pg_copy_from() in case the as_null parameter was passed. --- diff --git a/NEWS b/NEWS index fbfe172fe1..e182156972 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,8 @@ PHP NEWS - Added PHP_INT_MAX and PHP_INT_SIZE as predefined constants. (Andrey) - Changed sha1_file() and md5_file() functions to use streams instead of low level IO. (Uwe) +- Fixed memory corruption in pg_copy_from() in case the as_null parameter was + passed. (Derick) - Fixed ext/mysqli to allocate less memory when fetching bound params of type (MEDIUM|LONG)BLOB/(MEDIUM|LONG)TEXT. (Andrey) - Fixed memory corruption in ImageTTFText() with 64bit systems. (Andrey) diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index 904fb12888..a69f1f035b 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -2750,6 +2750,7 @@ PHP_FUNCTION(pg_copy_from) zval **tmp; char *table_name, *pg_delim = NULL, *pg_null_as = NULL; int table_name_len, pg_delim_len, pg_null_as_len; + int pg_null_as_free = 0; char *query; char *query_template = "COPY \"\" FROM STDIN DELIMITERS ':' WITH NULL AS ''"; HashPosition pos; @@ -2769,6 +2770,7 @@ PHP_FUNCTION(pg_copy_from) } if (!pg_null_as) { pg_null_as = safe_estrdup("\\\\N"); + pg_null_as_free = 1; } ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", le_link, le_plink); @@ -2781,7 +2783,9 @@ PHP_FUNCTION(pg_copy_from) } pgsql_result = PQexec(pgsql, query); - efree(pg_null_as); + if (pg_null_as_free) { + efree(pg_null_as); + } efree(query); if (pgsql_result) {