Skip site navigation (1) Skip section navigation (2)

Re: Fwd: Bug#372115: Last security update of postgresql-contrib breaks database replication with DBMirror.pl

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Martin Pitt <martin(at)piware(dot)de>
Cc: PostgreSQL Bugs <pgsql-bugs(at)postgresql(dot)org>
Subject: Re: Fwd: Bug#372115: Last security update of postgresql-contrib breaks database replication with DBMirror.pl
Date: 2006-06-10 16:38:20
Message-ID: 780.1149957500@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
Martin Pitt <martin(at)piware(dot)de> writes:
> Does anyone know DBMirror.pl? The proposed fix seems wrong since it
> just reverts the behavior to the old quote escaping style.

I don't know it, but the function being complained of seems exactly the
sort of ad-hoc escaping logic that the security update warns you should
get rid of.  (I fear we failed to notice it because it was in Perl not C
:-() I think it should be rewritten from the ground up.  Does the Pg
Perl module expose PQescapeString by any chance?  Relying on that would
be far better than letting this code live.

			regards, tom lane

In response to

pgsql-bugs by date

Next:From: Tom LaneDate: 2006-06-10 23:30:19
Subject: Re: BUG #2475: Row limit problem
Previous:From: Bruce MomjianDate: 2006-06-10 16:02:35
Subject: Re: Fwd: Bug#372115: Last security update of postgresql-contrib

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group