Re: Decision by Monday: PQescapeString() vs. encoding violation

Andres Freund <andres@anarazel.de>

From: Andres Freund <andres@anarazel.de>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Jeff Davis <pgsql@j-davis.com>, Noah Misch <noah@leadboat.com>, pgsql-hackers@postgresql.org
Date: 2025-02-15T20:59:43Z
Lists: pgsql-hackers
Hi,

On 2025-02-15 15:52:01 -0500, Tom Lane wrote:
> The v5 patch seems Good Enough(TM) to me.

Agreed.


> We can refine it later perhaps; I don't think something like the above would
> affect anything that external code should care about.

I don't really think it's worth spending cycles on this anytime soon. It makes
sense to put the effort in to replace invalid "characters" in a minimal way
when intending to actually use the "stripped" output permanently. But all
we're trying to do here is to a) ensure that the backend will error out b)
reduce the chances that other tooling (psql, xml parsers, ..) get confused due
to invalidly encoded data.

Greetings,

Andres Freund



Commits

  1. Make escaping functions retain trailing bytes of an invalid character.

  2. Fix handling of invalidly encoded data in escaping functions