Quick Links

Re: Add GUC to enable libxml2's XML_PARSE_HUGE

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Jim Jones <jim(dot)jones(at)uni-muenster(dot)de>
Cc:	PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Erik Wienhold <ewie(at)ewie(dot)name>, Michael Paquier <michael(at)paquier(dot)xyz>
Subject:	Re: Add GUC to enable libxml2's XML_PARSE_HUGE
Date:	2025-08-20 15:46:11
Message-ID:	1118289.1755704771@sss.pgh.pa.us
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Jim Jones <jim(dot)jones(at)uni-muenster(dot)de> writes:
> To address this, Erik and I would like to propose a new GUC,
> xml_parse_huge, which controls libxml2’s XML_PARSE_HUGE option.

Given the spotty security history of libxml2, I can't really see
how this wouldn't be enormously unsafe. Even as a superuser-only
option, it seems like a bad idea.

Independently of that, we have learned the hard way that GUCs
that change application-visible query semantics are a bad idea.
You cannot really argue that this wouldn't be one.

regards, tom lane

In response to

Add GUC to enable libxml2's XML_PARSE_HUGE at 2025-08-20 15:37:50 from Jim Jones

Responses

Re: Add GUC to enable libxml2's XML_PARSE_HUGE at 2025-08-20 19:42:27 from Jim Jones
Re: Add GUC to enable libxml2's XML_PARSE_HUGE at 2025-08-20 22:55:36 from Michael Paquier

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andres Freund	2025-08-20 16:11:39	Re: Adding REPACK [concurrently]
Previous Message	Jim Jones	2025-08-20 15:37:50	Add GUC to enable libxml2's XML_PARSE_HUGE