From 952de6c4273d9b1e91c2b838044f8c2111150c29 Mon Sep 17 00:00:00 2001
From: Damien Regad
Date: Mon, 10 Jan 2022 09:41:32 +0100
Subject: [PATCH] Prevent auth bypass with PostgreSQL connections

Thanks to Emmet Leahy of Sorcery Ltd for reporting this vulnerability (CVE-2021-3850). This is a minimalistic approach to patch the issue, to reduce the risk of causing regressions in the legacy stable branch.

Fixes #793
---
 drivers/adodb-postgres64.inc.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/drivers/adodb-postgres64.inc.php b/drivers/adodb-postgres64.inc.php
index 27e06b069..c98ade9ae 100644
--- a/drivers/adodb-postgres64.inc.php
+++ b/drivers/adodb-postgres64.inc.php
@@ -51,7 +51,6 @@ function adodb_addslashes($s)
 {
 $len = strlen($s);
 if ($len == 0) return "''";
- if (strncmp($s,"'",1) === 0 && substr($s,$len-1) == "'") return $s; // already quoted
 
 return "'".addslashes($s)."'";
 }