On Thu, Jan 14, 2010 at 8:46 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> I have yet to fully review the code but on a quick glance it looks reasonable.
On further review, it looks less reasonable. :-(
The new PQescapeIdentConn function is basically a cut-up version of
PQescapeStringInternal, which seems like a reasonable foundation, but
it rips out a little too much - specifically:
1. the length argument,
2. the size_t return value,
3. the portion of the handling for incomplete multibyte characters
that prevents us from overrunning the output buffer on a maliciously
constructed (or unlucky) input string, and
4. some relevant comments.
I'm inclined to think we should put all of that stuff back, but
certainly #3 at a minimum.
In response to
pgsql-hackers by date
|Next:||From: Erik Rijkers||Date: 2010-01-16 18:54:33|
|Subject: Re: review: More frame options in window functions|
|Previous:||From: Simon Riggs||Date: 2010-01-16 18:20:37|
|Subject: Re: Hot Standby and handling max_standby_delay|