| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Jeremy Drake <pgsql(at)jdrake(dot)com>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] psql \copy warning |
| Date: | 2006-05-28 22:22:45 |
| Message-ID: | 518.1148854965@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> The attached patch fixes the warning you received by adding E'' strings
> to the \copy arguments, and adds it for the other backslash commands
> like \d.
Further comment on this: I don't think we want all these places
individually making this sort of decision. What they should all be
doing is using appendStringLiteralConn to generate the properly-quoted
literal. (I fixed this already in describe.c, but not in those other
places.)
Once we've got that done, we could argue about whether appendStringLiteral
ought to prepend an E to silence escape_string_warning. I'd still vote
no, but at least it would be a single place to change and not N of 'em.
What's more, each place that is generating a variable literal without
using appendStringLiteral or PQescapeString is at least potentially
vulnerable to encoding issues, and so we should probably convert them
anyway.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua D. Drake | 2006-05-28 23:42:59 | Re: anoncvs still slow |
| Previous Message | Tom Lane | 2006-05-28 21:53:07 | Re: LIKE, leading percent, bind parameters and indexes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2006-05-28 23:54:31 | Re: [HACKERS] psql \copy warning |
| Previous Message | Tom Lane | 2006-05-28 05:00:18 | Re: [HACKERS] psql \copy warning |