From 0d82163958005b2ba56f8c58311888d142fa4509 Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson
Date: Fri, 17 Oct 2025 10:03:15 +0200
Subject: [PATCH] ecpg: check return value of replace_variables()

The function returns false if it fails to allocate memory, so make sure to check the return value in callsites.

Author: Aleksander Alekseev
Reviewed-by: Daniel Gustafsson
Discussion: https://postgr.es/m/CAJ7c6TNPrU8ZxgdfN3PyGY1tzo0bgszx+KkqW0Z7zt3heyC1GQ@mail.gmail.com
---
 src/interfaces/ecpg/ecpglib/prepare.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/interfaces/ecpg/ecpglib/prepare.c b/src/interfaces/ecpg/ecpglib/prepare.c
index 06f0135813b..4b1ae839506 100644
--- a/src/interfaces/ecpg/ecpglib/prepare.c
+++ b/src/interfaces/ecpg/ecpglib/prepare.c
@@ -200,7 +200,13 @@ prepare_common(int lineno, struct connection *con, const char *name, const char
 stmt->inlist = stmt->outlist = NULL;
 /* if we have C variables in our statement replace them with '?' */
- replace_variables(&(stmt->command), lineno);
+ if (!replace_variables(&(stmt->command), lineno))
+ {
+ ecpg_free(stmt->command);
+ ecpg_free(stmt);
+ ecpg_free(this);
+ return false;
+ }
 /* add prepared statement to our list */
 this->name = ecpg_strdup(name, lineno, NULL);
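Review bot: The new failure branch calls `ecpg_free(stmt->command)` after `replace_variables(&(stmt->command), lineno)` has returned false, so it is only safe if the callee leaves `stmt->command` pointing at a live allocation on every failure return. Because the callee receives the address of the pointer and can swap the buffer, a failure path that released the old string first would turn this cleanup into a double free. That contract is not visible in the hunk, so it is worth confirming against `replace_variables()` and recording above the branch, for example `/* on failure replace_variables() has not released stmt->command, so it is still ours to free */`. The context line `this->name = ecpg_strdup(name, lineno, NULL);` passes NULL as its last argument and no check of the result appears in the hunk; if none follows, it is the same class of unchecked allocation this commit fixes. The body of `prepare_common` begins and ends outside the hunk, so both points need checking against the full function.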