| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Cc: | Michael Meskes <meskes(at)postgresql(dot)org> |
| Subject: | ECPG gets embedded quotes wrong |
| Date: | 2020-10-20 19:46:18 |
| Message-ID: | 673825.1603223178@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
A recent user complaint [1] led me to investigate what ECPG does with
embedded quotes (that is, quotes-meant-to-be-data) in SQL identifiers
and strings. AFAICS, it gets it wrong. For example, if you write
the literal 'abc''def' in an EXEC SQL command, that will come out the
other end as 'abc'def', triggering a syntax error in the backend.
Likewise, "abc""def" is reduced to "abc"def" which is wrong syntax.
It looks to me like a sufficient fix is just to keep these quote
sequences as-is within a converted string, so that the attached
appears to fix it. I added some documentation too, since there
doesn't seem to be anything there now explaining how it's supposed
to work.
I doubt this is safely back-patchable, since anybody who's working
around the existing misbehavior (as I see sql/dyntest.pgc is doing)
would not appreciate it changing under them in a minor release.
But I think we can fix it in v14.
regards, tom lane
| Attachment | Content-Type | Size |
|---|---|---|
| fix-ecpg-quote-handling.patch | text/x-diff | 7.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-10-20 19:56:30 | Re: CREATE TABLE .. PARTITION OF fails to preserve tgenabled for inherited row triggers |
| Previous Message | Justin Pryzby | 2020-10-20 19:44:12 | Re: CREATE TABLE .. PARTITION OF fails to preserve tgenabled for inherited row triggers |