diff options
author | Daniel Lowe <dlowe@dlowe.net> | 2019-04-21 11:14:17 +0000 |
---|---|---|
committer | Daniel Lowe <dlowe@dlowe.net> | 2019-04-21 11:14:17 +0000 |
commit | 9a6531e2a278f7462241ddde7b3e5363d13b5e58 (patch) | |
tree | 59e8a482be9aa536c3f665fa9934f54eb3252e30 /include | |
parent | a6a17a85f32733a29c8d4242e93f1de054d4e6fb (diff) | |
download | volse-hubzilla-9a6531e2a278f7462241ddde7b3e5363d13b5e58.tar.gz volse-hubzilla-9a6531e2a278f7462241ddde7b3e5363d13b5e58.tar.bz2 volse-hubzilla-9a6531e2a278f7462241ddde7b3e5363d13b5e58.zip |
Fix infinite loop using postgres as backend
unescapebin is handed a string in some cases, and it causes an infinite
loop when it does. This ensures that the argument is a resource before
loading its contents.
Diffstat (limited to 'include')
-rwxr-xr-x | include/dba/dba_pdo.php | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index a70e4a1d7..0279342ec 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -161,23 +161,17 @@ class dba_pdo extends dba_driver { } function unescapebin($str) { - if($this->driver_dbtype === 'pgsql' && (! is_null($str))) { - $x = ''; - while(! feof($str)) { - $x .= fread($str,8192); + if($this->driver_dbtype === 'pgsql') { + if(gettype($str) === 'resource') { + $str = stream_get_contents($str); } - if(substr($x,0,2) === '\\x') { - $x = hex2bin(substr($x,2)); + if(substr($str,0,2) === '\\x') { + $str = hex2bin(substr($str,2)); } - return $x; - - } - else { - return $str; } + return $str; } - function getdriver() { return 'pdo'; } |