1--TEST-- 2PostgreSQL pg_insert() - test for CVE-2015-1532 3--EXTENSIONS-- 4pgsql 5--SKIPIF-- 6<?php include("inc/skipif.inc"); ?> 7--FILE-- 8<?php 9 10include('inc/config.inc'); 11 12$conn = pg_connect($conn_str); 13 14foreach (array('', '.', '..') as $table) { 15 try { 16 var_dump(pg_insert($conn, $table, array('id' => 1, 'id2' => 1))); 17 } catch (\ValueError $e) { 18 echo $e->getMessage() . \PHP_EOL; 19 } 20} 21?> 22Done 23--EXPECTF-- 24pg_insert(): Argument #2 ($table_name) cannot be empty 25pg_insert(): Argument #2 ($table_name) must be specified (.) 26pg_insert(): Argument #2 ($table_name) must be specified (..) 27Done 28
