ext/pdo_pgsql: Fix _pdo_pgsql_trim_message bad access

close GH-19239

Author: dixyes

NEWS

@@ -27,6 +27,10 @@ PHP                                                                        NEWS
     return value check). (nielsdos, botovq)
   . Fix error return check of EVP_CIPHER_CTX_ctrl(). (nielsdos)
 
+- PDO Pgsql:
+  . Fixed dangling pointer access on _pdo_pgsql_trim_message helper.
+    (dixyes)
+
 - SOAP:
   . Fixed bug GH-18640 (heap-use-after-free ext/soap/php_encoding.c:299:32
     in soap_check_zval_ref). (nielsdos)

ext/pdo_pgsql/pgsql_driver.c

@@ -38,8 +38,14 @@ static bool pgsql_handle_in_transaction(pdo_dbh_t *dbh);
 
 static char * _pdo_pgsql_trim_message(const char *message, int persistent)
 {
-	size_t i = strlen(message)-1;
+	size_t i = strlen(message);
 	char *tmp;
+	if (UNEXPECTED(i == 0)) {
+		tmp = pemalloc(1, persistent);
+		tmp[0] = '\0';
+		return tmp;
+	}
+	--i;
 
 	if (i>1 && (message[i-1] == '\r' || message[i-1] == '\n') && message[i] == '.') {
 		--i;