Re: quoting psql varible as identifier
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Pavel Stehule <pavel.stehule@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Alvaro Herrera <alvherre@commandprompt.com>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2010-01-18T18:31:43Z
Lists: pgsql-hackers
On Sun, Jan 17, 2010 at 2:04 PM, Pavel Stehule <pavel.stehule@gmail.com> wrote: > I rewrote patch so now interface for PQescapeIdentConn is same as > PQescapeStringConn > > @3. I though so the protection under incomplete multibyte chars are > enought - missing bytes are replaced by space - like > PQescapeStringConn does. That much is fine, but the output buffer is only guaranteed to be of size 2n+1. Imagine the input is two double-quotes followed by a byte for which pg_encoding_mblen() returns 4. The input is 3 characters long so the user was responsible to provide 7 bytes of output space, but you'll try to write 9 bytes to it (including the terminating NUL). > But now - mechanism is exactly same, so this > problem should be solved. This is no better. What the function does no longer matches either its comments or the documentation (which also contradict each other). Let me take a crack at this and post a patch. We're making this harder than it needs to be. ...Robert