| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Quan Zongliang <quanzongliang(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: bugfix: invalid bit/varbit input causes the log file to be unreadable |
| Date: | 2020-06-28 17:10:59 |
| Message-ID: | 273506.1593364259@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I wrote:
> Even granting the premise, the proposed patch seems like a significant
> decrease in user-friendliness for typical cases. I'd rather see us
> make an effort to print one valid-per-the-DB-encoding character.
> Now that we can rely on snprintf to count %s restrictions in bytes,
> I think something like this should work:
> errmsg("\"%.*s\" is not a valid binary digit",
> pg_mblen(sp), sp)));
> But the real problem is that this is only the tip of the iceberg.
> You didn't even hit all the %c usages in varbit.c.
I went through all the %c format sequences in the backend to see which
ones could use this type of fix. There were not as many as I'd expected,
but still a fair number. (I skipped cases where the input was coming from
the catalogs, as well as some non-user-facing debug printouts.) That
leads to the attached patch, which seems to do the job without breaking
anything that works today.
regards, tom lane
PS: I failed to resist the temptation to improve some shoddy error
messages nearby in pageinspect/heapfuncs.c.
| Attachment | Content-Type | Size |
|---|---|---|
| avoid-percent-c-for-possibly-non-ASCII-data-1.patch | text/x-diff | 8.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-06-28 17:21:14 | Re: Fwd: PostgreSQL: WolfSSL support |
| Previous Message | Joe Conway | 2020-06-28 17:00:29 | Re: pg_read_file() with virtual files returns empty string |