[libdbd-pg-perl] 06/35: Protect against crash if missing server_version

[Christoph Berg]

This is an automated email from the git hooks/post-receive script.

myon pushed a commit to branch master
in repository libdbd-pg-perl.

commit 8a332999afce22e8c761b5744fac7eaa668b909c
Author: David Christensen <david at endpoint.com>
Date:   Wed Sep 13 11:44:37 2017 -0500

    Protect against crash if missing server_version
    
    If "server_version" was not exposed as a connection parameter via libpq (as might be in a custom
    wire-protocol-based application) sscanf() could crash.  Test for NULL to prevent this.
---
 Changes  |  2 ++
 Pg.h     |  1 +
 dbdimp.c | 19 +++++++++++++------
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/Changes b/Changes
index 1563d6a..459acb8 100644
--- a/Changes
+++ b/Changes
@@ -4,6 +4,8 @@
   - Fix crash with missing client_encoding
     (Github issue #29)
     [David Christensen, reported by Marko Tiikkaja]
+  - Fix crash with missing server_version
+    [David Christensen]
 
 Version 3.6.2  Released May 23, 2017 (git tag 3.6.2)
 
diff --git a/Pg.h b/Pg.h
index c1bbb62..1002a86 100644
--- a/Pg.h
+++ b/Pg.h
@@ -26,6 +26,7 @@ static int errno;
 #define PG_ASYNC 1
 #define PG_OLDQUERY_CANCEL 2
 #define PG_OLDQUERY_WAIT 4
+#define PG_UNKNOWN_VERSION 0
 
 /* Force preprocessors to use this variable. Default to something valid yet noticeable */
 #ifndef PGLIBVERSION
diff --git a/dbdimp.c b/dbdimp.c
index 065360c..5dff5e7 100644
--- a/dbdimp.c
+++ b/dbdimp.c
@@ -224,13 +224,20 @@ int dbd_db_login6 (SV * dbh, imp_dbh_t * imp_dbh, char * dbname, char * uid, cha
 
 	if (imp_dbh->pg_server_version <= 0) {
 		int	cnt, vmaj, vmin, vrev;
-		cnt = sscanf(PQparameterStatus(imp_dbh->conn, "server_version"), "%d.%d.%d",
-					 &vmaj, &vmin, &vrev);
-		if (cnt >= 2) {
-			if (cnt == 2) /* Account for devel version e.g. 8.3beta1 */
-				vrev = 0;
-			imp_dbh->pg_server_version = (100 * vmaj + vmin) * 100 + vrev;
+        const char *vers = PQparameterStatus(imp_dbh->conn, "server_version");
+
+        if (NULL != vers) {
+			cnt = sscanf(vers, "%d.%d.%d",
+						 &vmaj, &vmin, &vrev);
+			if (cnt >= 2) {
+				if (cnt == 2) /* Account for devel version e.g. 8.3beta1 */
+					vrev = 0;
+				imp_dbh->pg_server_version = (100 * vmaj + vmin) * 100 + vrev;
+			}
 		}
+        else {
+            imp_dbh->pg_server_version = PG_UNKNOWN_VERSION ;
+        }
 	}
 
 	pg_db_detect_client_encoding_utf8(aTHX_ imp_dbh);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libdbd-pg-perl.git