From b6e58dcd2262c30c0657624ca3c372dc90d5a031 Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Tue, 12 Feb 2019 10:55:05 +0300
Subject: Fixed bug #77599 (Unbuffered queries; native prepared statements
 memory leak)

---
 ext/mysqlnd/mysqlnd_ps.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'ext/mysqlnd/mysqlnd_ps.c')

diff --git a/ext/mysqlnd/mysqlnd_ps.c b/ext/mysqlnd/mysqlnd_ps.c
index f3fab43f0c..b2017b9127 100644
--- a/ext/mysqlnd/mysqlnd_ps.c
+++ b/ext/mysqlnd/mysqlnd_ps.c
@@ -851,6 +851,7 @@ mysqlnd_stmt_fetch_row_unbuffered(MYSQLND_RES * result, void * param, const unsi
 	MYSQLND_PACKET_ROW * row_packet;
 	MYSQLND_CONN_DATA * conn = result->conn;
 	const MYSQLND_RES_METADATA * const meta = result->meta;
+	void *checkpoint;
 
 	DBG_ENTER("mysqlnd_stmt_fetch_row_unbuffered");
 
@@ -873,6 +874,9 @@ mysqlnd_stmt_fetch_row_unbuffered(MYSQLND_RES * result, void * param, const unsi
 	/* Let the row packet fill our buffer and skip additional malloc + memcpy */
 	row_packet->skip_extraction = stmt && stmt->result_bind? FALSE:TRUE;
 
+	checkpoint = result->memory_pool->checkpoint;
+	mysqlnd_mempool_save_state(result->memory_pool);
+
 	/*
 	  If we skip rows (stmt == NULL || stmt->result_bind == NULL) we have to
 	  result->unbuf->m.free_last_data() before it. The function returns always true.
@@ -895,6 +899,8 @@ mysqlnd_stmt_fetch_row_unbuffered(MYSQLND_RES * result, void * param, const unsi
 									conn->options->int_and_float_native,
 									conn->stats))
 			{
+				mysqlnd_mempool_restore_state(result->memory_pool);
+				result->memory_pool->checkpoint = checkpoint;
 				DBG_RETURN(FAIL);
 			}
 
@@ -965,6 +971,9 @@ mysqlnd_stmt_fetch_row_unbuffered(MYSQLND_RES * result, void * param, const unsi
 		}
 	}
 
+	mysqlnd_mempool_restore_state(result->memory_pool);
+	result->memory_pool->checkpoint = checkpoint;
+
 	DBG_INF_FMT("ret=%s fetched_anything=%u", ret == PASS? "PASS":"FAIL", *fetched_anything);
 	DBG_RETURN(ret);
 }
-- 
cgit v1.2.1