From abba56f60522e8f5449c11f780409b7227d022d0 Mon Sep 17 00:00:00 2001
From: vanviegen
Date: Wed, 21 Dec 2016 16:18:14 +0100
Subject: [PATCH] Fix for sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE Fixes bug #73800 news entry for PR #2249
---
 NEWS | 2 ++
 ext/mysqlnd/mysqlnd_wireprotocol.c | 8 +++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index 9693b39b75..020bcc04e0 100644
--- a/NEWS
+++ b/NEWS
@@ -31,6 +31,8 @@ PHP NEWS
 - Mysqlnd:
 . Optimized handling of BIT fields - less memory copies and lower memory usage. (Andrey)
+ . Fixed bug #73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE).
+ (vanviegen)
 - Opcache:
 . Fixed bug #73789 (Strange behavior of class constants in switch/case block).
diff --git a/ext/mysqlnd/mysqlnd_wireprotocol.c b/ext/mysqlnd/mysqlnd_wireprotocol.c
index 03fcad9877..b057a44e82 100644
--- a/ext/mysqlnd/mysqlnd_wireprotocol.c
+++ b/ext/mysqlnd/mysqlnd_wireprotocol.c
@@ -1477,7 +1477,12 @@ php_mysqlnd_read_row_ex(MYSQLND_PFC * pfc,
 zero-length byte, don't read the body, there is no such.
 */
- *data_size = 0;
+ /*
+ We're allocating an extra byte, as php_mysqlnd_rowp_read_text_protocol_aux
+ needs to be able to append a terminating \0 for atoi/atof.
+ */
+ *data_size = 1;
+
 while (1) {
 if (FAIL == mysqlnd_read_header(pfc, vio, &header, stats, error_info)) {
 ret = FAIL;
@@ -1526,6 +1531,7 @@ php_mysqlnd_read_row_ex(MYSQLND_PFC * pfc,
 pool->free_chunk(pool, *buffer);
 *buffer = NULL;
 }
+ *data_size--;
 DBG_RETURN(ret);
 }
 /* }}} */
--
2.40.0
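Review bot: Starting `*data_size` at 1 means the counter is one larger than the number of payload bytes received for the whole `while (1)` loop, and the loop body lies outside this hunk. If that body derives a write offset or a resize length from `*data_size`, the continuation-packet path for rows that span several packets should be checked, so that the reserved byte lands after the last payload byte and not inside the row. A named constant for the reserve (for example `*data_size = reserved_nul_bytes;`, a suggested name), used both here and at the final adjustment, would keep the two ends in step. The comment could also state that the value is corrected again before the function returns.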
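Review bot: `*data_size--;` ahead of `DBG_RETURN(ret)` does not decrement the stored size, because postfix `--` binds tighter than unary `*`; the statement only moves the local pointer and discards the value it read. The caller therefore still receives a length that includes the reserved terminator byte, and any consumer that trusts that length may treat one byte beyond the row payload as data. The line should read `(*data_size)--;`. The function body starts outside the hunk, so whether the failure path should also report the adjusted size cannot be judged from here.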