Improve DNS parsing by correctly handling "\0" bytes

Author: JanJakes

tests/WP_PDO_MySQL_On_SQLite_PDO_API_Tests.php

@@ -40,6 +40,18 @@ public function test_dsn_parsing(): void {
 		// DSN with semicolon in the database name.
 		$driver = new WP_PDO_MySQL_On_SQLite( 'mysql-on-sqlite:path=:memory:;dbname=wp;dbname=w;;p;' );
 		$this->assertSame( 'w;p', $driver->query( 'SELECT DATABASE()' )->fetch()[0] );
+
+		// DSN with semicolon in the database name and a terminating semicolon.
+		$driver = new WP_PDO_MySQL_On_SQLite( 'mysql-on-sqlite:path=:memory:;dbname=w;;;p' );
+		$this->assertSame( 'w;', $driver->query( 'SELECT DATABASE()' )->fetch()[0] );
+
+		// DSN with two semicolons in the database name.
+		$driver = new WP_PDO_MySQL_On_SQLite( 'mysql-on-sqlite:path=:memory:;dbname=w;;;;p' );
+		$this->assertSame( 'w;;p', $driver->query( 'SELECT DATABASE()' )->fetch()[0] );
+
+		// DSN with a "\0" byte (always terminates the DSN string).
+		$driver = new WP_PDO_MySQL_On_SQLite( "mysql-on-sqlite:path=:memory:;dbname=w\0p;" );
+		$this->assertSame( 'w', $driver->query( 'SELECT DATABASE()' )->fetch()[0] );
 	}
 
 	public function test_query(): void {

wp-includes/sqlite-ast/class-wp-pdo-mysql-on-sqlite.php

@@ -598,6 +598,12 @@ public function __construct(
 		?string $password = null,
 		array $options = array()
 	) {
+		// PDO DSN can't include "\0" bytes; parsing stops at the first one.
+		$first_null_byte_index = strpos( $dsn, "\0" );
+		if ( false !== $first_null_byte_index ) {
+			$dsn = substr( $dsn, 0, $first_null_byte_index );
+		}
+
 		// Parse the DSN.
 		$dsn_parts = explode( ':', $dsn, 2 );
 		if ( count( $dsn_parts ) < 2 ) {