Fixed bug #39663 (Memory leak in pg_get_notify() and a possible memory

Ilia Alshanetsky · Ilia Alshanetsky · commit bfa4af46e1ac · 2006-11-29T15:45:59.000Z
corruption on Windows in pgsql and pdo_pgsql extensions).
diff --git a/NEWS b/NEWS
@@ -45,6 +45,9 @@ PHP                                                                        NEWS
 - Added optimization for imageline with horizontal and vertial lines (Pierre)
 - Fixed bug #39673 (file_get_contents causes bus error on certain offsets). 
   (Tony)
+- Fixed bug #39663 (Memory leak in pg_get_notify() and a possible memory
+  corruption on Windows in pgsql and pdo_pgsql extensions). (Ilia, matteo at
+  beccati dot com)
 - Fixed bug #39662 (Segfault when calling asXML() of a cloned SimpleXMLElement).
   (Rob, Tony)
 - Fixed bug #39656 (crash when calling fetch() on a PDO statment object
diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c
@@ -325,7 +325,7 @@ static int pgsql_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, int unquote
 			(*quoted)[0] = '\'';
 			(*quoted)[*quotedlen-1] = '\'';
 			(*quoted)[*quotedlen] = '\0';
-			free(escaped);
+			PQfreemem(escaped);
 			break;
 		default:
 			*quoted = safe_emalloc(2, unquotedlen, 3);
diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c
@@ -3358,7 +3358,7 @@ PHP_FUNCTION(pg_copy_to)
 							break;
 						default:
 							add_next_index_string(return_value, csv, 1);
-							free(csv);
+							PQfreemem(csv);
 							break;
 					}
 				}
@@ -3610,7 +3610,7 @@ PHP_FUNCTION(pg_escape_bytea)
 		to = (char *)PQescapeBytea((unsigned char*)from, from_len, &to_len);
 
 	RETVAL_STRINGL(to, to_len-1, 1); /* to_len includes addtional '\0' */
-	free(to);
+	PQfreemem(to);
 }
 /* }}} */
 
@@ -3735,7 +3735,7 @@ PHP_FUNCTION(pg_unescape_bytea)
 #if HAVE_PQUNESCAPEBYTEA
 	tmp = (char *)PQunescapeBytea((unsigned char*)from, &to_len);
 	to = estrndup(tmp, to_len);
-	free(tmp);
+	PQfreemem(tmp);
 #else
 	to = (char *)php_pgsql_unescape_bytea((unsigned char*)from, &to_len);
 #endif
@@ -4348,6 +4348,7 @@ PHP_FUNCTION(pg_get_notify)
 		add_assoc_string(return_value, "message", pgsql_notify->relname, 1);
 		add_assoc_long(return_value, "pid", pgsql_notify->be_pid);
 	}
+	PQfreemem(pgsql_notify);
 }
 /* }}} */
 
@@ -5153,7 +5154,7 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con
 							Z_STRLEN_P(new_val) = to_len-1; /* PQescapeBytea's to_len includes additional '\0' */
 							Z_STRVAL_P(new_val) = emalloc(to_len);
 							memcpy(Z_STRVAL_P(new_val), tmp, to_len);
-							free(tmp);
+							PQfreemem(tmp);
 							php_pgsql_add_quotes(new_val, 1 TSRMLS_CC);
 								
 						}
