Re: Tightening up allowed custom GUC names

[ getting back to this, after a bit of procrastination ]

Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> On 2/11/21 1:32 PM, Tom Lane wrote:
>> Noah Misch <noah(at)leadboat(dot)com> writes:
>>> On Tue, Feb 09, 2021 at 05:34:37PM -0500, Tom Lane wrote:
>>>> * A case could be made for tightening things up a lot more, and not
>>>> allowing anything that doesn't look like an identifier. I'm not
>>>> pushing for that, as it seems more likely to break existing
>>>> applications than the narrow restriction proposed here. But I could
>>>> live with it if people prefer that way.

>>> I'd prefer that. Characters like backslash, space, and double quote have
>>> significant potential to reveal bugs, while having negligible application
>>> beyond revealing bugs.

> That might be a bit restrictive. I could at least see allowing '-' as
> reasonable, and maybe ':'. Not sure about other punctuation characters.
> OTOH I'd be surprised if the identifier restriction would burden a large
> number of people.

We can't allow '-', for the specific reason that it won't work as a -c
argument (thanks to -c's translation of '-' to '_'). The whole point here
is to prevent corner cases like that. ':' would be all right, but I think
it's a lot simpler to explain and a lot harder to break in future if we
just say that the names have to be valid identifiers.

Patch that does it like that attached.

(I concur with the downthread opinions that we shouldn't back-patch this.)

regards, tom lane