Re: Decision by Monday: PQescapeString() vs. encoding violation
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Andres Freund <andres@anarazel.de>
Cc: Andrew Dunstan <andrew@dunslane.net>, Noah Misch <noah@leadboat.com>,
pgsql-hackers@postgresql.org, pgsql@j-davis.com
Date: 2025-02-15T18:35:10Z
Lists: pgsql-hackers
Andres Freund <andres@anarazel.de> writes: > It seems that nobody is arguing against the "just skip one byte" behaviour, so > I'm inclined to push this fairly soon, even if Noah's "24 hours" haven't quite > elapsed. A few more cycles in the buildfarm wouldn't hurt. Agreed. I thought there would be more discussion, but it seems nobody really objects to changing this. The other thing that was discussed in the security thread was modifying PQescapeStringInternal and PQescapeInternal to produce no more than one complaint about invalid multibyte characters, on the grounds that input that's just plain in some other encoding would otherwise produce a ton of repetitive messages. That seems trivial enough to mechanize with a bool already_complained flag, so I think we should incorporate that refinement while we're here. I can write that patch if you're busy. regards, tom lane
Commits
-
Make escaping functions retain trailing bytes of an invalid character.
- e782a63ccb76 15.12 landed
- d6d29b2133f1 13.20 landed
- c08309584ac5 14.17 landed
- 9f45e6a91d84 18.0 landed
- 991a60a9f23b 16.8 landed
- 3abe6e04cc69 17.4 landed
-
Fix handling of invalidly encoded data in escaping functions
- 5dc1e42b4fa6 18.0 cited