Re: bugfix: invalid bit/varbit input causes the log file to be unreadable

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Quan Zongliang <quanzongliang(at)gmail(dot)com>
Cc: pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: bugfix: invalid bit/varbit input causes the log file to be unreadable
Date: 2020-06-28 17:10:59
Message-ID: 273506.1593364259@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

I wrote:
> Even granting the premise, the proposed patch seems like a significant
> decrease in user-friendliness for typical cases. I'd rather see us
> make an effort to print one valid-per-the-DB-encoding character.
> Now that we can rely on snprintf to count %s restrictions in bytes,
> I think something like this should work:
> errmsg("\"%.*s\" is not a valid binary digit",
> pg_mblen(sp), sp)));
> But the real problem is that this is only the tip of the iceberg.
> You didn't even hit all the %c usages in varbit.c.

I went through all the %c format sequences in the backend to see which
ones could use this type of fix. There were not as many as I'd expected,
but still a fair number. (I skipped cases where the input was coming from
the catalogs, as well as some non-user-facing debug printouts.) That
leads to the attached patch, which seems to do the job without breaking
anything that works today.

regards, tom lane

PS: I failed to resist the temptation to improve some shoddy error
messages nearby in pageinspect/heapfuncs.c.

Attachment Content-Type Size
avoid-percent-c-for-possibly-non-ASCII-data-1.patch text/x-diff 8.7 KB

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2020-06-28 17:21:14 Re: Fwd: PostgreSQL: WolfSSL support
Previous Message Joe Conway 2020-06-28 17:00:29 Re: pg_read_file() with virtual files returns empty string