diff options
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | ext/pgsql/pgsql.c | 3 |
2 files changed, 6 insertions, 0 deletions
@@ -6,6 +6,9 @@ PHP NEWS . Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() with SoapFault). (Dmitry) +- Postgres: + . Fixed bug #68741 (Null pointer deference) (CVE-2015-1352). (Xinchen Hui) + 19 Mar 2015 PHP 5.4.39 - Core: diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index 16ce7bfb7f..eb55777758 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -6117,6 +6117,9 @@ static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const c /* schame.table should be "schame"."table" */ table_copy = estrdup(table); token = php_strtok_r(table_copy, ".", &tmp); + if (token == NULL) { + token = table; + } len = strlen(token); if (_php_pgsql_detect_identifier_escape(token, len) == SUCCESS) { smart_str_appendl(querystr, token, len); |