File: bug81720.phpt

package info (click to toggle)
php8.4 8.4.16-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 211,276 kB
  • sloc: ansic: 1,176,142; php: 35,419; sh: 11,964; cpp: 7,208; pascal: 4,951; javascript: 3,091; asm: 2,817; yacc: 2,411; makefile: 696; xml: 446; python: 301; awk: 148
file content (29 lines) | stat: -rw-r--r-- 704 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
--TEST--
Bug #81720 (Uninitialized array in pg_query_params() leading to RCE)
--EXTENSIONS--
pgsql
--SKIPIF--
<?php include("inc/skipif.inc"); ?>
--FILE--
<?php
include('inc/config.inc');

$conn = pg_connect($conn_str);

try {
    pg_query_params($conn, 'SELECT $1, $2', [1, new stdClass()]);
} catch (Throwable $ex) {
    echo $ex->getMessage(), PHP_EOL;
}

try {
    pg_send_prepare($conn, "my_query", 'SELECT $1, $2');
    pg_get_result($conn);
    pg_send_execute($conn, "my_query", [1, new stdClass()]);
} catch (Throwable $ex) {
    echo $ex->getMessage(), PHP_EOL;
}
?>
--EXPECT--
Object of class stdClass could not be converted to string
Object of class stdClass could not be converted to string