Re: pg17.3 PQescapeIdentifier() ignores len

From: Andres Freund <andres(at)anarazel(dot)de>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Justin Pryzby <pryzby(at)telsasoft(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: pg17.3 PQescapeIdentifier() ignores len
Date: 2025-02-14 23:55:55
Message-ID: bukicrp3akqomk7lf6ywa7faxhxdnlcxnwfqx7tyeylemps2qi@gfrmkafkmcjx
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi,

On 2025-02-13 14:00:09 -0500, Tom Lane wrote:
> Justin Pryzby <pryzby(at)telsasoft(dot)com> writes:
> > The fprintf suggests that since 5dc1e42b4 PQescapeIdentifier ignores its len.
>
> Ugh, yes. Need something like the attached.

I just pushed this fix, together with an expansion of test_escape.c. With the
expanded test both uses of strlen() are detected.

> FTR, 5dc1e42b4 et al were quite subtle patches done under extreme time
> pressure. I wonder if they have any other issues. More eyes on those
> patches would be welcome, now that they are public.

Indeed.

Greetings,

Andres Freund

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Jacob Champion 2025-02-15 01:14:16 Re: [PoC] Federated Authn/z with OAUTHBEARER
Previous Message Melanie Plageman 2025-02-14 23:50:40 Re: Confine vacuum skip logic to lazy_scan_skip