| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
| Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: quoting psql varible as identifier |
| Date: | 2010-01-02 18:53:22 |
| Message-ID: | 9473.1262458402@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> writes:
> here is patch
I looked at this patch a bit, and I think the real problem with it is
that it's not multibyte safe. You've copied backend code that is
allowed to assume it's in a safe encoding (ie, one where multibyte
characters can't contain non-high-bit-set bytes). This is not okay
on the client side, see SJIS and similar encodings.
Where you need to start out is by cloning PQescapeStringConn, which does
a similar type of transformation correctly even in unsafe encodings.
I think we'd agreed upthread that libpq should provide
PQescapeIdentifier functionality anyhow.
Once you've actually read that code, you'll realize that it's okay to
treat the error result as a warning, which resolves the other point
of concern. Just print the message and use the result anyway.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2010-01-02 18:53:44 | Re: quoting psql varible as identifier |
| Previous Message | Tom Lane | 2010-01-02 18:41:27 | Re: quoting psql varible as identifier |