From 968fbc6acf0bc27be17c0209be7f966e89a55943 Mon Sep 17 00:00:00 2001

From: Stanislav Malyshev <stas@php.net>

Date: Sun, 22 Mar 2015 18:20:59 -0700

Subject: [PATCH] Bacport fix bug #68741 - Null pointer dereference

---

 NEWS              | 3 +++

 ext/pgsql/pgsql.c | 3 +++

 2 files changed, 6 insertions(+)

diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c

index 16ce7bf..eb55777 100644

--- a/ext/pgsql/pgsql.c

+++ b/ext/pgsql/pgsql.c

@@ -6118,6 +6118,9 @@ static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const c

 	/* schame.table should be "schame"."table" */

 	table_copy = estrdup(table);

 	token = php_strtok_r(table_copy, ".", &tmp);

+	if (token == NULL) {

+		token = table;

+	}

 	len = strlen(token);

 	if (_php_pgsql_detect_identifier_escape(token, len) == SUCCESS) {

 		smart_str_appendl(querystr, token, len);

-- 

2.1.4

From 2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64 Mon Sep 17 00:00:00 2001

From: Remi Collet <remi@php.net>

Date: Wed, 20 May 2015 08:08:41 +0200

Subject: [PATCH] Fixed Bug #69667 segfault in php_pgsql_meta_data

Incomplete fix for #68741

---

 ext/pgsql/pg_insert_002.phpt | 27 +++++++++++++++++++++++++++

 ext/pgsql/pgsql.c            |  9 +++++++--

 2 files changed, 34 insertions(+), 2 deletions(-)

 create mode 100644 ext/pgsql/pg_insert_002.phpt

diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c

index 23d55cb..5418b3c 100644

--- a/ext/pgsql/pgsql.c

+++ b/ext/pgsql/pgsql.c

@@ -5104,7 +5104,11 @@ PHP_PGSQL_API int php_pgsql_meta_data(PGconn *pg_link, const char *table_name, z

 	src = estrdup(table_name);

 	tmp_name = php_strtok_r(src, ".", &tmp_name2);

-	

+	if (!tmp_name) {

+		efree(src);

+		php_error_docref(NULL TSRMLS_CC, E_WARNING, "The table name must be specified");

+		return FAILURE;

+	}

 	if (!tmp_name2 || !*tmp_name2) {

 		/* Default schema */

 		tmp_name2 = tmp_name;

@@ -6112,7 +6116,8 @@ static int do_exec(smart_str *querystr, int expect, PGconn *pg_link, ulong opt T

 static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const char *table)

 {

-	char *table_copy, *escaped, *token, *tmp;

+	char *table_copy, *escaped, *tmp;

+	const char *token;

 	size_t len;

 	/* schame.table should be "schame"."table" */

-- 

2.1.4

From 3be4e5d71af3d7f495876fabd5a9ce46580e2d0d Mon Sep 17 00:00:00 2001

From: Remi Collet <remi@php.net>

Date: Wed, 20 May 2015 14:02:13 +0200

Subject: [PATCH] move test

---

 ext/pgsql/pg_insert_002.phpt       | 27 ---------------------------

 ext/pgsql/tests/pg_insert_002.phpt | 27 +++++++++++++++++++++++++++

 2 files changed, 27 insertions(+), 27 deletions(-)

 delete mode 100644 ext/pgsql/pg_insert_002.phpt

 create mode 100644 ext/pgsql/tests/pg_insert_002.phpt

diff --git a/ext/pgsql/tests/pg_insert_002.phpt b/ext/pgsql/tests/pg_insert_002.phpt

new file mode 100644

index 0000000..87d87b8

--- /dev/null

+++ b/ext/pgsql/tests/pg_insert_002.phpt

@@ -0,0 +1,27 @@

+--TEST--

+PostgreSQL pg_select() - basic test using schema

+--SKIPIF--

+

+--FILE--

+

+

+include('config.inc');

+

+$conn = pg_connect($conn_str);

+

+foreach (array('', '.', '..') as $table) {

+	var_dump(pg_insert($conn, $table,  array('id' => 1, 'id2' => 1)));

+}

+?>

+Done

+--EXPECTF--

+

+Warning: pg_insert(): The table name must be specified in %s on line %d

+bool(false)

+

+Warning: pg_insert(): The table name must be specified in %s on line %d

+bool(false)

+

+Warning: pg_insert(): The table name must be specified in %s on line %d

+bool(false)

+Done

\ No newline at end of file

-- 

2.1.4