Fixed bug #41285 (Improved fix for CVE-2007-1887 to work with non-bundled

sqlite2 lib).
author: Ilia Alshanetsky <iliaa@php.net> 2007-05-05 15:36:15 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2007-05-05 15:36:15 +0000
commit: 502d68e1e7d28ec35ae2bb8aea9d31db32da82bd (patch)
tree: d3c4d46b505872bbe06815fd345e4c765e24beab /ext/sqlite/sess_sqlite.c
parent: c70105610a1266bdfcba050502ea63459fa1e6f0 (diff)
download: php-git-502d68e1e7d28ec35ae2bb8aea9d31db32da82bd.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/ext/sqlite/sess_sqlite.c b/ext/sqlite/sess_sqlite.c
index 785704faf7..c893baad98 100644
--- a/ext/sqlite/sess_sqlite.c
+++ b/ext/sqlite/sess_sqlite.c
@@ -110,9 +110,13 @@ PS_READ_FUNC(sqlite)
 		case SQLITE_ROW:
 			if (rowdata[0] != NULL) {
 				*vallen = strlen(rowdata[0]);
-				*val = emalloc(*vallen);
-				*vallen = sqlite_decode_binary(rowdata[0], *val);
-				(*val)[*vallen] = '\0';
+				if (*vallen) {
+					*val = emalloc(*vallen);
+					*vallen = sqlite_decode_binary(rowdata[0], *val);
+					(*val)[*vallen] = '\0';
+				} else {
+					*val = STR_EMPTY_ALLOC();
+				}
 			}
 			break;
 		default:
author	Ilia Alshanetsky <iliaa@php.net>	2007-05-05 15:36:15 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2007-05-05 15:36:15 +0000
commit	502d68e1e7d28ec35ae2bb8aea9d31db32da82bd (patch)
tree	d3c4d46b505872bbe06815fd345e4c765e24beab /ext/sqlite/sess_sqlite.c
parent	c70105610a1266bdfcba050502ea63459fa1e6f0 (diff)
download	php-git-502d68e1e7d28ec35ae2bb8aea9d31db32da82bd.tar.gz