From 9e3252d4f45aea6d6d3de14513063e79c200cc89 Mon Sep 17 00:00:00 2001
From: v-kaywon
Date: Fri, 12 May 2017 10:56:26 -0700
Subject: [PATCH 1/2] fix uninitialized read if pos of string parser is -1
---
 source/pdo_sqlsrv/pdo_parser.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/source/pdo_sqlsrv/pdo_parser.cpp b/source/pdo_sqlsrv/pdo_parser.cpp
index 9bc11845..411f6a9a 100644
--- a/source/pdo_sqlsrv/pdo_parser.cpp
+++ b/source/pdo_sqlsrv/pdo_parser.cpp
@@ -417,7 +417,9 @@ void sql_string_parser::parse_sql_string( TSRMLS_D ) {
 try {
 while ( !this->is_eos() ) {
 int start_pos = -1;
-
+ if ( pos == -1 ) {
+ next();
+ }
 // skip until a '"', '\'', ':' or '?'
 char sym;
 while ( this->orig_str[pos] != '"' && this->orig_str[pos] != '\'' && this->orig_str[pos] != ':' && this->orig_str[pos] != '?' && !this->is_eos() ) {
From 8de9669b39bf47e6f18020bdb699241f1a7cd9dd Mon Sep 17 00:00:00 2001
From: v-kaywon
Date: Fri, 12 May 2017 16:02:34 -0700
Subject: [PATCH 2/2] get start_pos out of while loop
---
 source/pdo_sqlsrv/pdo_parser.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/source/pdo_sqlsrv/pdo_parser.cpp b/source/pdo_sqlsrv/pdo_parser.cpp
index 411f6a9a..2951a7dd 100644
--- a/source/pdo_sqlsrv/pdo_parser.cpp
+++ b/source/pdo_sqlsrv/pdo_parser.cpp
@@ -415,8 +415,9 @@ void conn_string_parser:: parse_conn_string( TSRMLS_D )
 // Primary function which parses out the named placeholders from a sql string.
 void sql_string_parser::parse_sql_string( TSRMLS_D ) {
 try {
+ int start_pos = -1;
 while ( !this->is_eos() ) {
- int start_pos = -1;
+ // if pos is -1, then reading from a string is an initialized read
 if ( pos == -1 ) {
 next();
 }
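Review bot: The inner `while` condition in the first hunk still indexes `this->orig_str[pos]` four times before it evaluates `!this->is_eos()`, so the new `pos == -1` guard covers the read at index -1 but the end-of-string test is still reached only after the buffer has been read. Putting the bound first, `while ( !this->is_eos() && this->orig_str[pos] != '"' && this->orig_str[pos] != '\'' && this->orig_str[pos] != ':' && this->orig_str[pos] != '?' ) {`, lets short-circuit evaluation keep the index inside the string if the loop body advances pos to the end. The loop body and the definitions of is_eos() and next() are outside the hunk, so whether the position can reach the end there should be confirmed. The diffstat shows only pdo_parser.cpp changed; a regression test that runs this parser under a memory checker would pin the fix.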
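Review bot: The comment added in the second hunk says that reading at pos -1 "is an initialized read", which states the opposite of what patch 1/2 fixes; it should name the hazard, for example `// pos may still be -1 here; advance first so orig_str[pos] below is never read at index -1`. Separately, hoisting `int start_pos = -1;` above the outer loop means it is no longer reset on every iteration, so any later test of start_pos against -1 would see the value left by the previous iteration. The rest of the loop body is outside the hunk, so this is inferred; if the per-iteration reset was relied on, keep the declaration outside and add `start_pos = -1;` as the first statement of the loop body.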