Re: a vulnerability in PostgreSQL
Tatsuo Ishii <t-ishii@sra.co.jp>
From: Tatsuo Ishii <t-ishii@sra.co.jp>
To: lyeoh@pop.jaring.my
Cc: pgsql-hackers@postgresql.org
Date: 2002-05-02T08:50:46Z
Lists: pgsql-hackers
> Not tested: but how about the string being > foo'; DROP TABLE T1; foo > > Would the last ' be eaten up then resulting in no error? Even the last ' is eaten up, the remaining string is (81a2), which would cause parser errors since they are not valid SQL, I think. > Also normally a \ would be quoted by \\ right? Would a foo\ result in an > unquoted \ ? An unquoted backslash may allow some possibilities. > > There could be other ways to get rid of the last ', comments etc, so it may > not be just 6.5.x. Please provide concrete examples. I could not find such that case. -- Tatsuo Ishii