Re: [HACKERS] psql \copy warning

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Jeremy Drake <pgsql(at)jdrake(dot)com>, PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: [HACKERS] psql \copy warning
Date: 2006-05-28 22:22:45
Message-ID: 518.1148854965@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> The attached patch fixes the warning you received by adding E'' strings
> to the \copy arguments, and adds it for the other backslash commands
> like \d.

Further comment on this: I don't think we want all these places
individually making this sort of decision. What they should all be
doing is using appendStringLiteralConn to generate the properly-quoted
literal. (I fixed this already in describe.c, but not in those other
places.)

Once we've got that done, we could argue about whether appendStringLiteral
ought to prepend an E to silence escape_string_warning. I'd still vote
no, but at least it would be a single place to change and not N of 'em.
What's more, each place that is generating a variable literal without
using appendStringLiteral or PQescapeString is at least potentially
vulnerable to encoding issues, and so we should probably convert them
anyway.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Joshua D. Drake 2006-05-28 23:42:59 Re: anoncvs still slow
Previous Message Tom Lane 2006-05-28 21:53:07 Re: LIKE, leading percent, bind parameters and indexes

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2006-05-28 23:54:31 Re: [HACKERS] psql \copy warning
Previous Message Tom Lane 2006-05-28 05:00:18 Re: [HACKERS] psql \copy warning