Blame SOURCES/php-5.6.5-CVE-2015-1352.patch
|
|
4c9102 |
From 968fbc6acf0bc27be17c0209be7f966e89a55943 Mon Sep 17 00:00:00 2001
|
|
|
4c9102 |
From: Stanislav Malyshev <stas@php.net>
|
|
|
4c9102 |
Date: Sun, 22 Mar 2015 18:20:59 -0700
|
|
|
4c9102 |
Subject: [PATCH] Bacport fix bug #68741 - Null pointer dereference
|
|
|
4c9102 |
|
|
|
4c9102 |
---
|
|
|
4c9102 |
NEWS | 3 +++
|
|
|
4c9102 |
ext/pgsql/pgsql.c | 3 +++
|
|
|
4c9102 |
2 files changed, 6 insertions(+)
|
|
|
4c9102 |
|
|
|
4c9102 |
diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c
|
|
|
4c9102 |
index 16ce7bf..eb55777 100644
|
|
|
4c9102 |
--- a/ext/pgsql/pgsql.c
|
|
|
4c9102 |
+++ b/ext/pgsql/pgsql.c
|
|
|
4c9102 |
@@ -6484,6 +6484,9 @@ static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const c
|
|
|
4c9102 |
/* schame.table should be "schame"."table" */
|
|
|
4c9102 |
table_copy = estrdup(table);
|
|
|
4c9102 |
token = php_strtok_r(table_copy, ".", &tmp);
|
|
|
4c9102 |
+ if (token == NULL) {
|
|
|
4c9102 |
+ token = table;
|
|
|
4c9102 |
+ }
|
|
|
4c9102 |
len = strlen(token);
|
|
|
4c9102 |
if (_php_pgsql_detect_identifier_escape(token, len) == SUCCESS) {
|
|
|
4c9102 |
smart_str_appendl(querystr, token, len);
|
|
|
4c9102 |
--
|
|
|
4c9102 |
2.1.4
|
|
|
4c9102 |
|