Skip site navigation (1) Skip section navigation (2)

Re: PQescapeString handling of \0

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: greg(at)turnstep(dot)com
Cc: pgsql-interfaces(at)postgresql(dot)org
Subject: Re: PQescapeString handling of \0
Date: 2003-10-03 15:31:02
Message-ID: 19872.1065195062@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-interfaces
greg(at)turnstep(dot)com writes:
> Tom Lane wrote:
>>> Hm.  Is that really the right behavior?

> Has we reached a consensus on this? I'd like to have DBD::Pg and
> PQescapeString consistent. Right now, we (DBD::Pg) are leaning toward
> the "bail if we hit \0" theory, but it would be nice to have something
> definitive in the API.

Ugly as it is, I think that we have little choice but to go with the
behavior Igor proposes (stop at \0).  If we do the other then we will
have to raise the required size of the output buffer, which will
silently break existing apps (possibly creating security holes, even).
So essentially PQescapeString is going to become like strncpy --- stop
at either \0 or the given count.

This patch hasn't been applied as of 7.4b4 but I'll try to get it in
shortly.

			regards, tom lane

In response to

Responses

pgsql-interfaces by date

Next:From: Jeroen T. VermeulenDate: 2003-10-03 15:51:02
Subject: Re: PQescapeString handling of \0
Previous:From: gregDate: 2003-10-03 13:37:34
Subject: Re: PQescapeString handling of \0

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group