From: Edin Kadribasic <edink@php.net>
Date: Tue, 25 May 2004 16:24:29 +0000 (+0000)
Subject: Use binary safe function for quoting
X-Git-Tag: php-5.0.0RC3RC1~39
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ff1cbb84604fe18592902df4d34e3d6398316f03;p=php

Use binary safe function for quoting
---

diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c
index 334bf2e016..6d5af4ba37 100644
--- a/ext/pdo_pgsql/pgsql_driver.c
+++ b/ext/pdo_pgsql/pgsql_driver.c
@@ -136,12 +136,18 @@ static long pgsql_handle_doer(pdo_dbh_t *dbh, const char *sql, long sql_len TSRM
 
 static int pgsql_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, int unquotedlen, char **quoted, int *quotedlen  TSRMLS_DC)
 {
-	*quoted = emalloc(2*unquotedlen + 3);
+	unsigned char *escaped;
+
+	/* escapedlen returned by PQescapeBytea() accounts for trailing 0 */
+	escaped = PQescapeBytea(unquoted, unquotedlen, quotedlen);
+	*quotedlen += 1;
+	*quoted = emalloc(*quotedlen + 1);
+	memcpy((*quoted)+1, escaped, *quotedlen-2);
 	(*quoted)[0] = '\'';
-	*quotedlen = PQescapeString(*quoted + 1, unquoted, unquotedlen);
-	(*quoted)[*quotedlen + 1] = '\'';
-	(*quoted)[*quotedlen + 2] = '\0';
-	*quotedlen += 2;
+	(*quoted)[*quotedlen-1] = '\'';
+	(*quoted)[*quotedlen] = '\0';
+	PQfreemem(escaped);
+
 	return 1;
 }