From 68cd2e5528fbfdb2fd8a3c6c751f3e331888a079 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Sat, 9 Jun 2018 11:13:36 +0100
Subject: [PATCH] Issue #2932777 by mondrake, borisson_, alexpott, daffie:
 Risky count() in SQLite Statement

---
 core/lib/Drupal/Core/Database/Driver/sqlite/Statement.php | 2 +-
 core/lib/Drupal/Core/Database/StatementInterface.php      | 2 +-
 core/lib/Drupal/Core/Database/StatementPrefetch.php       | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/lib/Drupal/Core/Database/Driver/sqlite/Statement.php b/core/lib/Drupal/Core/Database/Driver/sqlite/Statement.php
index 5610d071ce30..d9b422b58435 100644
--- a/core/lib/Drupal/Core/Database/Driver/sqlite/Statement.php
+++ b/core/lib/Drupal/Core/Database/Driver/sqlite/Statement.php
@@ -27,7 +27,7 @@ class Statement extends StatementPrefetch implements StatementInterface {
    * See http://bugs.php.net/bug.php?id=45259 for more details.
    */
   protected function getStatement($query, &$args = []) {
-    if (count($args)) {
+    if (is_array($args) && !empty($args)) {
       // Check if $args is a simple numeric array.
       if (range(0, count($args) - 1) === array_keys($args)) {
         // In that case, we have unnamed placeholders.
diff --git a/core/lib/Drupal/Core/Database/StatementInterface.php b/core/lib/Drupal/Core/Database/StatementInterface.php
index a97043af6243..4f4248df0429 100644
--- a/core/lib/Drupal/Core/Database/StatementInterface.php
+++ b/core/lib/Drupal/Core/Database/StatementInterface.php
@@ -44,7 +44,7 @@ interface StatementInterface extends \Traversable {
    *
    * @param $args
    *   An array of values with as many elements as there are bound parameters in
-   *   the SQL statement being executed.
+   *   the SQL statement being executed. This can be NULL.
    * @param $options
    *   An array of options for this query.
    *
diff --git a/core/lib/Drupal/Core/Database/StatementPrefetch.php b/core/lib/Drupal/Core/Database/StatementPrefetch.php
index 4e940ea372ed..de60d73bf901 100644
--- a/core/lib/Drupal/Core/Database/StatementPrefetch.php
+++ b/core/lib/Drupal/Core/Database/StatementPrefetch.php
@@ -214,8 +214,8 @@ protected function throwPDOException() {
    *
    * @param $query
    *   The query.
-   * @param array $args
-   *   An array of arguments.
+   * @param array|null $args
+   *   An array of arguments. This can be NULL.
    * @return \PDOStatement
    *   A PDOStatement object.
    */
-- 
GitLab