iliaa           Wed Apr 21 20:32:08 2004 EDT

  Modified files:              (Branch: PHP_4_3)
    /php-src    NEWS 
    /php-src/ext/pgsql  pgsql.c 
  Log:
  MFH: Fixed possible crash inside pg_copy_(to|from) function if delimiter is
  more then 1 character long.
  
  
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.1247.2.643&r2=1.1247.2.644&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.643 php-src/NEWS:1.1247.2.644
--- php-src/NEWS:1.1247.2.643   Tue Apr 20 20:12:12 2004
+++ php-src/NEWS        Wed Apr 21 20:32:06 2004
@@ -1,6 +1,8 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2004, Version 4.3.7
+- Fixed possible crash inside pg_copy_(to|from) function if delimiter is more
+  then 1 character long. (Ilia)
 - Fixed handling of return values from storred procedures in mssql_execute()
   with multiple result sets returned. (Frank)
 - Fixed bug #28055 (timeout duration too long in feof()/pfsockopen() liveness
http://cvs.php.net/diff.php/php-src/ext/pgsql/pgsql.c?r1=1.244.2.34&r2=1.244.2.35&ty=u
Index: php-src/ext/pgsql/pgsql.c
diff -u php-src/ext/pgsql/pgsql.c:1.244.2.34 php-src/ext/pgsql/pgsql.c:1.244.2.35
--- php-src/ext/pgsql/pgsql.c:1.244.2.34        Wed Mar 17 20:35:50 2004
+++ php-src/ext/pgsql/pgsql.c   Wed Apr 21 20:32:07 2004
@@ -19,7 +19,7 @@
    +----------------------------------------------------------------------+
  */
  
-/* $Id: pgsql.c,v 1.244.2.34 2004/03/18 01:35:50 iliaa Exp $ */
+/* $Id: pgsql.c,v 1.244.2.35 2004/04/22 00:32:07 iliaa Exp $ */
 
 #include <stdlib.h>
 
@@ -2515,8 +2515,8 @@
        ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", 
le_link, le_plink);
 
        query = (char *)emalloc(strlen(query_template) + strlen(table_name) + 
strlen(pg_null_as) + 1);
-       sprintf(query, "COPY \"%s\" TO STDOUT DELIMITERS '%s' WITH NULL AS '%s'",
-                       table_name,     pg_delim, pg_null_as);
+       sprintf(query, "COPY \"%s\" TO STDOUT DELIMITERS '%c' WITH NULL AS '%s'",
+                       table_name, *pg_delim, pg_null_as);
 
        while ((pgsql_result = PQgetResult(pgsql))) {
                PQclear(pgsql_result);
@@ -2625,8 +2625,8 @@
        ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", 
le_link, le_plink);
 
        query = (char *)emalloc(strlen(query_template) + strlen(table_name) + 
strlen(pg_null_as) + 1);
-       sprintf(query, "COPY \"%s\" FROM STDIN DELIMITERS '%s' WITH NULL AS '%s'",
-                       table_name, pg_delim, pg_null_as);
+       sprintf(query, "COPY \"%s\" FROM STDIN DELIMITERS '%c' WITH NULL AS '%s'",
+                       table_name, *pg_delim, pg_null_as);
        while ((pgsql_result = PQgetResult(pgsql))) {
                PQclear(pgsql_result);
        }

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to