diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/interfaces/libpq/fe-exec.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/src/interfaces/libpq/fe-exec.c b/src/interfaces/libpq/fe-exec.c index 53516db7234..77124efe779 100644 --- a/src/interfaces/libpq/fe-exec.c +++ b/src/interfaces/libpq/fe-exec.c @@ -1113,6 +1113,7 @@ PQsendQuery(PGconn *conn, const char *query) if (!PQsendQueryStart(conn)) return 0; + /* check the argument */ if (!query) { printfPQExpBuffer(&conn->errorMessage, @@ -1170,12 +1171,19 @@ PQsendQueryParams(PGconn *conn, if (!PQsendQueryStart(conn)) return 0; + /* check the arguments */ if (!command) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("command string is a null pointer\n")); return 0; } + if (nParams < 0 || nParams > 65535) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("number of parameters must be between 0 and 65535\n")); + return 0; + } return PQsendQueryGuts(conn, command, @@ -1203,19 +1211,25 @@ PQsendPrepare(PGconn *conn, if (!PQsendQueryStart(conn)) return 0; + /* check the arguments */ if (!stmtName) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("statement name is a null pointer\n")); return 0; } - if (!query) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("command string is a null pointer\n")); return 0; } + if (nParams < 0 || nParams > 65535) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("number of parameters must be between 0 and 65535\n")); + return 0; + } /* This isn't gonna work on a 2.0 server */ if (PG_PROTOCOL_MAJOR(conn->pversion) < 3) @@ -1298,12 +1312,19 @@ PQsendQueryPrepared(PGconn *conn, if (!PQsendQueryStart(conn)) return 0; + /* check the arguments */ if (!stmtName) { printfPQExpBuffer(&conn->errorMessage, libpq_gettext("statement name is a null pointer\n")); return 0; } + if (nParams < 0 || nParams > 65535) + { + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("number of parameters must be between 0 and 65535\n")); + return 0; + } return PQsendQueryGuts(conn, NULL, /* no command to parse */ |