Re: Disallowing multiple queries per PQexec()

From: Andreas Karlsson <andreas(at)proxel(dot)se>
To: Bruce Momjian <bruce(at)momjian(dot)us>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Surafel Temesgen <surafel3000(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Disallowing multiple queries per PQexec()
Date: 2017-02-28 14:59:08
Message-ID: 5bb41454-9773-c6c8-3cf3-29e07d030f00@proxel.se
Lists: pgsql-hackers

On 02/28/2017 03:13 PM, Bruce Momjian wrote:
> I might have added that one; the text is:
>
> Consider disallowing multiple queries in PQexec()
> as an additional barrier to SQL injection attacks
>
> and it is a "consider" item. Should it be moved to the Wire Protocol
> Changes / v4 Protocol section or removed?

A new protocol version won't solve the breakage of the C API, so I am not
sure we can ever drop this feature other than by adding a new function
something in the protocol to support this.

Andreas