Fix: Add validation for invalid date query parameter values

packages/pg/lib/utils.js

@@ -60,6 +60,9 @@ var prepareValue = function (val, seen) {
  return buf.slice(val.byteOffset, val.byteOffset + val.byteLength) // Node.js v4 does not support those Buffer.from params
  }
  if (val instanceof Date) {
+ if (isNaN(val.getTime())) {
+ throw new Error('Query parameter value cannot be an invalid date.')
+ }
  if (defaults.parseInputDatesAsUTC) {
  return dateToStringUTC(val)
  } else {

packages/pg/test/integration/client/error-handling-tests.js

@@ -257,3 +257,18 @@ suite.test('cannot pass non-string values to query as text', (done) => {
  })
  })
 })
+
+if (!helper.args.native) {
+ suite.test('when a query has an invalid date binding', function (done) {
+ var client = createErorrClient()
+ var calledDone = false
+
+ client.query(new pg.Query({ text: 'SELECT $1::timestamp', values: [new Date(undefined)] }), function (err, res) {
+ if (!calledDone) {
+ calledDone = true
+ assert.equal(err.message, 'Query parameter value cannot be an invalid date.')
+ client.end(done)
+ }
+ })
+ })
+}