--TEST--
Bug #81720 (Uninitialized array in pg_query_params() leading to RCE)
--EXTENSIONS--
pgsql
--SKIPIF--
<?php include("inc/skipif.inc"); ?>
--FILE--
<?php
// Regression test for bug #81720. Each call below receives a parameter list
// whose second element is a plain object with no string conversion, so the
// call is expected to throw while its parameters are being prepared
// (presumably after the first element has already been converted).
// Per the bug title, that failure path used to involve an uninitialized
// array. The test passes when both calls fail cleanly with the conversion
// message listed under EXPECT.
//
// NOTE(review): EXPECT only checks the printed messages. A memory-safety
// regression on this path may not crash deterministically, so the test is
// most meaningful when the suite also runs under a memory checker
// (Valgrind or an AddressSanitizer build).
include('inc/config.inc');

$db = pg_connect($conn_str);

// Synchronous path named in the bug title: pg_query_params().
try {
    pg_query_params($db, 'SELECT $1, $2', [1, new stdClass()]);
} catch (Throwable $e) {
    echo $e->getMessage() . PHP_EOL;
}

// Asynchronous path: prepare the statement, fetch the result of the prepare,
// then execute it with the same unconvertible parameter. This covers
// pg_send_execute(), which is handed a parameter array in the same shape.
try {
    pg_send_prepare($db, "my_query", 'SELECT $1, $2');
    pg_get_result($db);
    pg_send_execute($db, "my_query", [1, new stdClass()]);
} catch (Throwable $e) {
    echo $e->getMessage() . PHP_EOL;
}
?>
--EXPECT--
Object of class stdClass could not be converted to string
Object of class stdClass could not be converted to string