| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Perry <rlperry(at)lodestonetechnologies(dot)com> |
| Cc: | pgsql-interfaces(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: By Passed Domain Constraints |
| Date: | 2005-07-06 16:05:58 |
| Message-ID: | 27039.1120665958@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-interfaces |
Robert Perry <rlperry(at)lodestonetechnologies(dot)com> writes:
> I have also been bitten by the problem you are describing. But,
> that one is a problem even when called from psql if I am not
> mistaken. Does psql not use pqlib? Perhaps it is something about
> PQexecParams that is the problem. I will test in a little while.
[ thinks about it... ] If you've declared the function input parameter
as a domain type and then write a parameterized query like
... function($1) ...
and don't specify any particular datatype for the parameter symbol,
I think the backend will infer the domain type as the parameter type.
Which would also allow bypassing the domain checks.
You could work around this by explicitly specifying the parameter
type as text or varchar or whatever the domain's base type is.
I wonder though if we oughtn't change the backend so that the inferred
type of a parameter symbol is never a domain, but the domain's base
type. That would force the proper application of CoerceToDomain inside
the constructed query parsetree.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Neil Conway | 2005-07-06 16:10:08 | Re: User's exception plpgsql |
| Previous Message | Tom Lane | 2005-07-06 15:56:01 | Re: User's exception plpgsql |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-07-06 16:59:47 | Re: libpq and connection failures |
| Previous Message | Robert Perry | 2005-07-06 15:43:06 | Re: By Passed Domain Constraints |