Re: a vulnerability in PostgreSQL

Tatsuo Ishii <t-ishii@sra.co.jp>

From: Tatsuo Ishii <t-ishii@sra.co.jp>
To: lyeoh@pop.jaring.my
Cc: pgsql-hackers@postgresql.org
Date: 2002-05-02T08:50:46Z
Lists: pgsql-hackers
> Not tested: but how about the string being
> foo'; DROP TABLE T1; foo
> 
> Would the last ' be eaten up then resulting in no error?

Even the last ' is eaten up, the remaining string is (81a2), which
would cause parser errors since they are not valid SQL, I think.

> Also normally a \ would be quoted by \\ right? Would a foo\ result in an 
> unquoted \ ? An unquoted backslash may allow some possibilities.
> 
> There could be other ways to get rid of the last ', comments etc, so it may 
> not be just 6.5.x.

Please provide concrete examples. I could not find such that case.
--
Tatsuo Ishii