Re: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation'

From: Sergei Kornilov <sk(at)zsrv(dot)org>
To: Thu Luu <ltthu2810(at)gmail(dot)com>, "pgsql-bugs(at)postgresql(dot)org" <pgsql-bugs(at)postgresql(dot)org>
Subject: Re: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation'
Date: 2018-01-04 10:09:31
Message-ID: 1246531515060571@web58o.yandex.ru
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

Hi!
I do not understand what your problem is. UTF8 character may be 4 bytes long by standart. Postgresql can store this characters. Mysql - for history reasons - treat utf8 as at most 3 byte characters and is not fully unicode compatible. In mysql 5.5 was added utf8mb4 charset which is full unicode compatible and can store 4 byte characters ( https://dev.mysql.com/doc/refman/5.5/en/charset-unicode-utf8mb4.html ). Discarding or correct storing 4-byte symbols is not vulnerabilities, just historical error in mysql.

PS: given link is broken due outdated https cert.

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message PG Bug reporting form 2018-01-04 20:06:33 BUG #14999: pg_rewind corrupts control file global/pg_control
Previous Message Thu Luu 2018-01-04 08:11:19 Fwd: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation'